
Thread: Interesting Security Combination




user name
2007-02-01 14:36:25
As I was running through my test code, I hit on a somewhat interesting situation. Imagine, if you will, the following set of rules in a particular topic:

DenyEdit: user:candera
AllowEdit: user:candera

Obviously, in this case, user candera should be denied edit. But what about Read? The way the rules are set up right now, Read is actually allowed. That's because although DenyEdit doesn't imply anything, AllowEdit implies AllowRead. As a result, the engine infers that Read should be allowed, which might be a bit surprising to someone who put the DenyEdit on the page.

I haven't thought of a way to change the model such that it would still be easy to remember but that this particular combination of rules would result in read being denied. And the more I think about it, the more I think that maybe that's the right thing to do.

Plus, anyone that does this on a page sort of gets what they deserve.

Comments? 



_______________________________________________
Flexwiki-users mailing list
Flexwiki-userslists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/flexwiki-users
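
The combination described in the post, as an added example that is not part of the original message and is not FlexWiki code: a simplified Python model of the stated semantics (an explicit Deny wins for its own permission, AllowEdit implies AllowRead), with a hypothetical `shadowed_denies` check that flags a Deny whose matching Allow still grants an implied permission. The function names, the restriction to Read/Edit and the "unspecified" result when no rule applies are assumptions.

```python
# Added illustration: simplified model of the rule semantics described in the post.
# Assumptions: the "EffectPermission: subject" line syntax shown in the post, only
# Read/Edit, and "unspecified" when no rule applies (the post does not cover defaults).
ALLOW_IMPLIES = {"Edit": {"Edit", "Read"}, "Read": {"Read"}}  # AllowEdit implies AllowRead


def parse_rules(text):
    """Parse lines such as 'DenyEdit: user:candera' into (effect, permission, subject)."""
    rules = []
    for line in text.splitlines():
        name, sep, subject = line.strip().partition(":")
        if not sep:
            continue  # blank or malformed line
        for effect in ("Allow", "Deny"):
            if name.startswith(effect) and name[len(effect):] in ALLOW_IMPLIES:
                rules.append((effect, name[len(effect):], subject.strip()))
    return rules


def decide(rules, subject, permission):
    """An explicit Deny wins; otherwise any Allow that implies the permission grants it."""
    mine = [(e, p) for e, p, s in rules if s == subject]
    if ("Deny", permission) in mine:
        return "deny"
    if any(e == "Allow" and permission in ALLOW_IMPLIES[p] for e, p in mine):
        return "allow"
    return "unspecified"


def shadowed_denies(rules):
    """Report (subject, denied, still_granted) where an Allow rule that is itself
    overridden by a Deny still hands out an implied permission."""
    findings = []
    for effect, perm, subject in rules:
        if effect != "Deny" or ("Allow", perm, subject) not in rules:
            continue
        for implied in sorted(ALLOW_IMPLIES[perm] - {perm}):
            if decide(rules, subject, implied) == "allow":
                findings.append((subject, perm, implied))
    return findings


# The two rules quoted in the post.
TOPIC_RULES = parse_rules("DenyEdit: user:candera\nAllowEdit: user:candera")

if __name__ == "__main__":
    for perm in ("Edit", "Read"):
        print(perm, "->", decide(TOPIC_RULES, "user:candera", perm))
    print("shadowed:", shadowed_denies(TOPIC_RULES))
```

Under this model, adding an explicit `DenyRead: user:candera` line is what makes Read denied and clears the finding.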
