sling-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject svn commit: r903478 - in /websites/staging/sling/trunk/content: ./ documentation/bundles/resource-access-security.html
Date Tue, 25 Mar 2014 08:39:02 GMT
Author: buildbot
Date: Tue Mar 25 08:39:01 2014
New Revision: 903478

Staging update by buildbot for sling

    websites/staging/sling/trunk/content/   (props changed)

Propchange: websites/staging/sling/trunk/content/
--- cms:source-revision (original)
+++ cms:source-revision Tue Mar 25 08:39:01 2014
@@ -1 +1 @@

Modified: websites/staging/sling/trunk/content/documentation/bundles/resource-access-security.html
--- websites/staging/sling/trunk/content/documentation/bundles/resource-access-security.html
+++ websites/staging/sling/trunk/content/documentation/bundles/resource-access-security.html
Tue Mar 25 08:39:01 2014
@@ -149,10 +149,16 @@
 <p>And you have to register the ResourceAccessGate with the path where you wan’t
to restrict access and the operation property set to “read”. Furthermore you have
to decide if the ResourceAccessGate should operate on all resource providers (context=”application”)
or only on the resourceproviders flagged with the property useResourceAccessSecurity=true
+<h3 id="gateresult">GateResult</h3>
+<p>GateResult does have three states:
+<em> GateResult.GRANTED
+</em> GateResult.DENIED
+* GateResult.CANT_DECIDE</p>
+<p>The first two of them are self-explanatory. CANT_DECIDE means that the actual gate
neither can grant nor deny the access. If no other gate does return GRANTED or DENIED the
access to the resource will be denied for security reasons. CANT-DECIDE comes handy if you
declare finaloperations (where no other gate will be called after this gate). If such a gate
returns CANT_DECIDE, further gates will be called regardless of the setted finaloperations
 <h2 id="actual-state-of-resourceaccesssecurity">Actual state of ResourceAccessSecurity</h2>
 <p>By now the implementation is complete for securing access on resource level for
CRUD operations. It is not yet ready to allow fine granular access rights on values of a resource.
So at the moment the <code>canReadValue, canUpdateValue, canDeleteValue</code>
and <code>canCreateValue</code> on <code>ResourceAccessGate</code>
methods are ignored.</p>
       <div class="timestamp" style="margin-top: 30px; font-size: 80%; text-align: right;">
-        Rev. 1581275 by mykee on Tue, 25 Mar 2014 08:32:00 +0000
+        Rev. 1581276 by mykee on Tue, 25 Mar 2014 08:38:55 +0000
       <div class="trademarkFooter"> 
         Apache Sling, Sling, Apache, the Apache feather logo, and the Apache Sling project

View raw message