jackrabbit-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "hsp" <piccina...@ibest.com.br>
Subject Re: Mixin values.
Date Mon, 03 Apr 2006 15:11:12 GMT
Thanks Marcel by your interest to help me.
So, let me see if I got what you said. I have to store in the user nodes a propertie per each
node the user has rights to access, for ex:
Node user=getnode(userid);

Would be nearly this way? So the query will test if the usernode has the property with the
nodeid name and the value with the right allowed. Please, I need more comments about it.


>hsp wrote:
>> Let's supose I need to store in a useraccess propertie of myapp:user
>> node type two values: itemId and kindRight (concatenated..., maybe). 
>> Will I get success using the propertie associating it with mixin
>> (multiple values)? So the user Node Helio, has the propertie
>> useraccess with the values:  '1234,read', '1235,write', ... I must
>> store the multi values into the useracess propertie like a row in a
>> table, and when test access rights in a node, first I have got to
>> find if the id of that node is stored in any value of the propertie
>> (useraccess) and in the string that contains the nodeid has the
>> proper right too (read, write,...), ok?? I can do this with a query
>> by xpath, searching in the node with the id for that user, if
>> contains a string in that propertie...Am I right?
> >
>> So, this way I can do my security verifications, before any
>> operations, ok?
>using a query in this case is technically possible, but I doubt that 
>executing a query on each item access will perform reasonably.
>I rather recommend to re-arrange your access control structure in a way 
>that allows you to address them directly. e.g. use the item id as a 
>property name that contains the access right value?
>  marcel

View raw message