Hi Jochen,
OpenCMIS does not calculate the Allowable Actions for you. The server
implementation has to do that.
Depending on the repository, the Allowable Actions can include something
that is not expressible with ACLs. For example, even if a user can see a
folder, that doesn't mean that the user is allowed to call
getChildren(). That can vary from folder to folder in a repository
because of another rule, a police, or configuration.
There are also some edge cases. The root folder, for example, cannot be
moved or deleted even if the user has the cmis:all permission.
- Florian
Hi there,
we enhanced the OpenCMIS JCR bridge by adding support for ACLs. We
implemented the getAcl and applyAcl methods and set ACL capabilities
in the repository info.
How do ACLs influence the allowable actions of an object? Do I have to
calculate the allowable actions on my own or does OpenCMIS combine the
"base" allowable actions of an object with the permission mapping
specified in the repository info?
Regards
Jochen
