jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Marian Schedenig (qs)" <Marian.Schede...@qualysoft.com>
Subject WebDAV, Versioning and ACLs
Date Thu, 07 May 2009 10:50:49 GMT


I'm using versioning and (pre-2.0) ACL access control via WebDAV. For this
purpose I have derived my own DavResource and implemented the AclResource
properties to handle ACL access. This works fine, as does versioning,
however the combination of both is a bit of a problem.

When the DAV client sets the ACL, I set the corresponding JCR ACL on the
"main" node representing the file presented to the DAV client. This seems
the right way to do it, as it works for both directories and files and
prevents users without privileges from modifying the properties of the file
node itself.

However, DAV versioning of files is ALSO performed directly on the main node
(and not, for example, on jcr:content). This means that when a "file" is
versioned and checked in, none of its subnodes may be modified - and that
includes the ACL stored in the rep:policy node.

In short: To change permissions on a versioned file, I have to checkout the
file first. This isn't only annoyingly complicated, but it also creates a
new version for every ACL change a user performs.

Wouldn't it make more sense to use just the jcr:content node for DAV
versioning? In the meantime (as versioning is done by Jackrabbit code and
not, like the ACL handling, my own extensions), is there a workaround for
this (I can't think of any)?


View this message in context: http://www.nabble.com/WebDAV%2C-Versioning-and-ACLs-tp23424249p23424249.html
Sent from the Jackrabbit - Users mailing list archive at Nabble.com.

View raw message