Ok. Nevermind on this. I've found my own answer and the way I see it, there would be millions of ids under the "_allow" property. So, I understand now that the user security is only for database user security and cannot be used for application user security. This is good to know. I was going to use the ORestricted system for database user security for a multi-tenancy approach, which it will cover well, I suppose. At the same time, I was wondering if the user security could be also dropped down a level and also be used for application data security. This is not possible.
If I am wrong, please let me know, but I just can't imagine millions of user ids being easily scanned to allow for access to each and every record. Scott -- --- You received this message because you are subscribed to the Google Groups "OrientDB" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
