All that means is that artifacts aren't forced to use only the common create, update, and delete permissions. As was suggested in the design, a service could have an access permission, entities could have a filter permission, etc.
-Adrian --- On Sat, 5/16/09, Bruno Busco <bruno.bu...@gmail.com> wrote: > From: Bruno Busco <bruno.bu...@gmail.com> > Subject: Re: Discussion: Security-Aware Artifacts > To: dev@ofbiz.apache.org > Date: Saturday, May 16, 2009, 10:33 PM > Adrian, > I added a comment on the Wiki page. I forward it here... > > --------------- > > That's really cool! I can't wait to see it working! > > BTW I can see in the design that an artifact can define an > own specific > permission. May be adding a scenario like: "User X can > perform the artifact > Y-specific operation W on the artifact Y" could be > helpfull. > > How the artifact will add its own specific permission? > Posted by Bruno Busco <http://docs.ofbiz.org/display/%7Ebruno.busco> at > May > 16, 2009 11:14 | > Permalink<http://docs.ofbiz.org/display/OFBTECH/OFBiz+Security+Refactor?focusedCommentId=8091#comment-8091> > > --------------- > > Thank you, > > Bruno > > > > 2009/5/16 Adrian Crum <adrian.c...@yahoo.com> > > > > > This is a continuation of the security refactoring > discussion. > > > > There is a Wiki page that outlines the design of > Security-Aware Artifacts: > > > > http://docs.ofbiz.org/x/Ch8 > > > > I started to build out the scenarios, so that we can > be sure the design > > meets everyone's needs as expected. > > > > David - I'm not sure where each scenario is currently > implemented. If there > > is a current implementation you had in mind, please > let me know and I will > > update the page. > > > > David - I'm not real clear on your dynamic hierarchy > design, so I tried to > > guess how it works in the scenario pages. Let me know > if I'm wrong. Just > > give me a clear example of how it works (keep in mind > I'm not inside your > > head) and I will update the pages. > > > > Developers - please review and comment. This will > effect everyone. > > > > -Adrian > > > > > > > > > > >
