[prev in list] [next in list] [prev in thread] [next in thread]
List: slide-dev
Subject: DO NOT REPLY [Bug 22001] New: -
From: bugzilla () apache ! org
Date: 2003-07-30 21:12:15
[Download RAW message or body]
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=22001>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=22001
Permissions inverted during Copy/Move
Summary: Permissions inverted during Copy/Move
Product: Slide
Version: Nightly
Platform: All
OS/Version: All
Status: NEW
Severity: Normal
Priority: Other
Component: Core
AssignedTo: slide-dev@jakarta.apache.org
ReportedBy: Jim.Myers@pnl.gov
The copyObject method in org.apache.slide.macro.MacroImpl does not check to see
whether the "negative" flag is set on a permission entry. The result is that
any copy/move of a resource with negative permissions (that deny access to a
given principal) are inverted and allow access to the copy. The fix appears to
be to add the line below to call a different NodePermission constructor:
NodePermission newPermission =
new NodePermission(destinationUri,
permission.getSubjectUri(),
permission.getActionUri(),
permission.isInheritable()
/*added line*/ permission.isNegative()
);
I've been working with Slide 1.x, but verified that the code is still the same
in the 1.29 version of MacroImpl.java on the HEAD branch.
Thanks to Carina.Lansing@pnl.gov who discovered the problem.
---------------------------------------------------------------------
To unsubscribe, e-mail: slide-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: slide-dev-help@jakarta.apache.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic