jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kevin Jansz <kevin.ja...@exari.com>
Subject Granting access to versionStorage?
Date Tue, 08 Feb 2011 05:39:29 GMT
In a repository (versioning & security configured)
- a user can create a resource in an area where the ACLs allow it (say
"testuser" has jcr:all on /content/example)
- they can view the history of versions for the resource
- they hit an issue if they try to label a version (system code is
running javax.jcr.version.VersionHistory.addVersionLabel(String,
String, boolean) on behalf of the user)
        - this hits an AccessDeniedException
- checking the ACLs in the versionStorage area
(/jcr:system/jcr:versionStorage/../../....) this is set to
        - administrators have jcr:all
        - everyone has jcr:read
        this must be the default as this area has not had ACLs configured
- all attempts to edit ACLs on /jcr:system/jcr:versionStorage/ seem to
have no effect

I probably haven't described this well, but it seems I might be using
the methods in the wrong way ... in summary:
- is version labelling meant to be an administrators-only function?
- if not, it seems that having jcr:all on something that is
mix:versionable does not automatically mean you'll have
label (jcr:versionManagement or jcr:modifyProperties?) access to the
item's version history. Are there
recommendations/examples for how this can/should be configured?


Kevin Jansz
Level 7, 10-16 Queen Street, Melbourne 3000 Australia
Tel +61 3 9621 2773 | Fax +61 3 9621 2776
Exari Systems
Boston | London | Melbourne | Munich

Test drive our software online - www.exari.com/demo-trial.html
Read our blog on document assembly - blog.exari.com

View raw message