[opencms-dev] locking and stealing locks within projects

Alexander Kandzior Alexander.Kandzior at framfab.de
Wed Aug 15 12:20:43 CEST 2001 

> 1)  Why can anyone able to lock a resource (when unlocked), 
> steal the lock
> when it's already locked by someone else?  This defeats the purpose of
> locking in the first place.

The lock is neccessary to see if someone else is working on the file or not,
in order prevent parallel editing of the same resource. It's not an access
security mechanism. Use the file permissions for that. 

> 2)  Shouldn't steal lock only be available to the Admin group and the
> current project admin group for resources of the current project?

This is obviously a matter of taste. We belive that it's better that anyone
(given he has permissions) can easily do changes to the content.

> 3)  The current locking of a resource is allowed if:
>      - cur proj is NOT online proj
>      - cur user has access to cur proj
>      - resource is part of cur proj
>      - no parent folders of resource is locked by another user
>     This doesn't give the project's manager any more rights 
> than a project's
> user (except publishing).  If some else takes away a 
> resource's 'group write
> access', the project manger cannot edit it.  Why isn't project manager
> status taken into account for locking/stealing lock/editing access?
> According to the user manual it should be taken into account.

The sole function of the project manager group is the permission to create
new projects. Even the publishing can be done by another group (however,
this is defined when creating the project so the project manager has full
control over who can publish). 

> 4)  Is there a way to structure a project (folder) in such a 
> way that a
> project user can only lock and change (including transfer of 
> ownership)
> resources they own (i.e. curent user is resource owner), 
> while a project
> manager of the project can lock/steal lock/change any resource in the
> project?

The way to do it would be to structure the project folders with apropriate
group / file permissions. That might not lead 100% to the result requested,
but would come close. 

Regards,
Alex. 

OpenCms Group.

More information about the opencms-dev mailing list