behavior of dav:inherited-acl-set

Does the <dav:inherited-acl-set> property apply recursively ? i.e. if a resource R1 specifies R2 as part of its <dav:inherited-acl-set>, then in addition to the ACL on R2 (as specified by DAV:acl property), does the <dav:inherited-acl-set> property of R2 *also* apply in determining the privilege on R1 ? The RFC is not very clear on this point.

-- Excerpt from RFC 3744
5.7 DAV:inherited-acl-set
This protected property contains a set of URLs that identify other resources that also control the access to this resource. To have a privilege on a resource, not only must the ACL on that resource (specified in the DAV:acl property of that resource) grant the privilege, but so must the ACL of each resource identified in the DAV:inherited-acl-set property of that resource. Effectively, the privileges granted by the current ACL are ANDed with the privileges granted by each inherited ACL. 

-- End Excerpt

Thanks.

- Ravi

Received on Wednesday, 8 September 2004 19:46:49 UTC