- From: Eric Sedlar <Eric.Sedlar@oracle.com>
- Date: Tue, 12 Jun 2001 15:45:01 -0700
- To: "Yaron Goland" <yaron.goland@openwave.com>, "Clemm, Geoff" <gclemm@rational.com>, <ietf-dav-versioning@w3.org>
- Cc: <acl@webdav.org>
Isn't "the ACL list it currently uses to decide who gets to see the version" the ACL on the version history resource, or is what you want a version- independent ACL that applies to all versions of a resource, that can override the ACL on that particular version? > -----Original Message----- > From: acl-admin@webdav.org [mailto:acl-admin@webdav.org]On Behalf Of > Yaron Goland > Sent: Tuesday, June 12, 2001 2:29 PM > To: Clemm, Geoff; ietf-dav-versioning@w3.org > Cc: acl@webdav.org > Subject: RE: [ACL] RE: lock and access control lists on (working) > versions > > > When I version a resource I will also likely want to version the access > control list it had when I 'froze' it. This is very important for things > like security checks. Imagine that an employee who was fired a year ago > turned out to be a corporate spy, you are going to want to check what > resources he had access to back then. This means that a version > really needs > two sets of ACLs. One if the ACL list it had when it was frozen. The other > is the ACL list it currently uses to decide who gets to see the version. > > > -----Original Message----- > > From: acl-admin@webdav.org [mailto:acl-admin@webdav.org]On Behalf Of > > Clemm, Geoff > > Sent: Saturday, May 26, 2001 8:27 AM > > To: ietf-dav-versioning@w3.org > > Cc: acl@webdav.org > > Subject: [ACL] RE: lock and access control lists on (working) versions > > > > > > As Tim surmised, the answer to (1) is in fact "yes". > > Each version is a separate resource, and each resource > > can have its own distinct access control list. > > > > Cheers, > > Geoff > > > > -----Original Message----- > > From: Tim_Ellison@uk.ibm.com [mailto:Tim_Ellison@uk.ibm.com] > > Sent: Wednesday, May 16, 2001 5:42 AM > > To: ietf-dav-versioning@w3.org > > Cc: acl@webdav.org > > Subject: Re: lock and access control lists on (working) versions > > > > > > > > > > "Pill, Juergen" <Juergen.Pill@softwareag.com> > > > Hello, > > > > > > 1) Would it be possible with DETA-V to have different access > > control list > > > for different versions of a resource, e.g. V1 of resource /foo > > will allow > > > user A to modify and read, but V2 of resource /foo will allow > user A to > > read > > > read only? > > > > You'd have to ask the ACL-folk that question, but I would sincerely hope > > the answer is 'yes'. > > > > > 2) Would it be possible to have two distinct locks on two different > > > (working) resources? > > > > Yes. Working resources have distinct server-defined URLs. They can be > > locked using their URLs just like any other resource. > > > > > Does that make sense at all? > > > > Yep. > > > > Tim > > > > > > _______________________________________________ > > acl mailing list > > acl@webdav.org > > http://mailman.webdav.org/mailman/listinfo/acl > > > > > > > _______________________________________________ > acl mailing list > acl@webdav.org > http://mailman.webdav.org/mailman/listinfo/acl >
Received on Tuesday, 12 June 2001 18:53:50 UTC