Hi everyone, I would like to write down some ideas I had, because there is high probability I'm going to forgot them soon :)
This idea targets a way to implement server-side security by using views only, instead of view+list. If possible, It may open up a wide range of new possibilities for app devs. Given that views know nothing about userCtx, is it possible to enhance the _rewrite engine to create/overwrite a reserved dynamic variable, named ":userCtxName" with the value of userCtx.name? This variable could then be effectively used within the "to" or "query" rewriting rule attributes, as example, to perform read ACL at view level directly. More generally the question is: can _rewrite engine be improved to include userCtx concepts? Which could be the drawbacks? Ok, ideas finished. I won't bother you anymore. :) -- Giovanni Lenzi www.smileupps.com Smileupps Cloud App Store
