[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [OASIS Issue Tracker] Created: (CMIS-403) ACLPropagation -- unclearhow precedence works for "propagate" value
ACLPropagation -- unclear how precedence works for "propagate" value
--------------------------------------------------------------------
Key: CMIS-403
URL: http://tools.oasis-open.org/issues/browse/CMIS-403
Project: OASIS Content Management Interoperability Services (CMIS) TC
Issue Type: Bug
Components: Domain Model
Affects Versions: Draft 0.62
Reporter: Ethan Gur-esh
Assignee: Ethan Gur-esh
Priority: Minor
Currently, the definition for the "propagate" value for "ACLPropagation" (section 2.8.5, line 621) says: "indicates that the ACEs is to be applied to the given object and all “inheriting” objects – i.e. with the intended side effect that all objects which somehow share the provided security constraints should be changed accordingly."
I think this definition is either unclear or two restrictive. Consider the following case: What if a folder "Foo" contains 5 items, and one of the items "bar" current has ACLs set on it that were set with the "objectonly" propagation type. (I.e. per-item permissions).
Clearly, setting new ACLs on "Foo" with ACLPropagation=propagate should affect the other 4 items in "Foo", but what about "Bar"?
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://tools.oasis-open.org/issues/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]