On 30 Jun 2009, at 11:43, Sean Radford wrote:
> If I set the following access rights on 'default server':
>
> * members (grant read)
>
>
> As expected, for 'default domain' I have the following inherited
> rights:
>
> * members (grant read)
>
>
> I then set the following local rights on 'default domain':
>
> * members (deny read)
>
>
> On Workspaces I then have the following inherited rights:
>
> * members (grant read) (deny read)
>
>
> Now (as expected) the policy on Workspaces works correctly in that
> the local rights on 'default domain' (members deny read) take
> precedence over the 'default server' (members grant read).
>
> But would the UI be better to only display (members deny read) to
> make it clearer to end-users?
Yes probably... But this UI is quite complex to design actually, it
has to be clear enough while at the same time presenting enough
information. If you have a patch for that please create a JIRA ticket,
and we'll look at integrating it.
Florent
--
Florent Guillaume, Head of R&D, Nuxeo
Open Source, Java EE based, Enterprise Content Management (ECM)
http://www.nuxeo.com http://www.nuxeo.org +33 1 40 33 79 87
_______________________________________________
ECM mailing list
ECM@...
http://lists.nuxeo.com/mailman/listinfo/ecmTo unsubscribe, go to
http://lists.nuxeo.com/mailman/options/ecm
