Hi Scott, You could assign the role to users and then you can configure that the first user's role goes automatically in ORestricted subclass with:
orientdb> ALTER CLASS Post CUSTOM onCreate.identityType=role For more information look at: http://orientdb.com/docs/last/Database-Security.html#customize-on-creation. However I agree that if the combinations are hundreds or more, this approach doesn't scale and it's much better to use something at application level. Best Regards, Luca Garulli Founder & CEO OrientDB <http://orientdb.com/> On 1 February 2016 at 09:36, scott molinari <[email protected]> wrote: > Can you give an example on how that would work? Unfortunately nothing in > the docs about record level security that I could find mentions being able > to use roles at that level. From what I understand, only access for these > "resources" can be controlled through roles. > > > - database, checked on accessing to the database > - database.class.<class-name>, checked on accessing on specific class > - database.cluster.<cluster-name>, checked on accessing on specific > cluster > - database.query, checked on query execution > - database.command, checked on command execution > - database.schema, checked to access to the schema > - database.function, checked on function execution > - database.config, checked on accessing at database configuration > - database.hook.record > - server.admin, checked on accessing to remote server administration > > > Scott > > -- > > --- > You received this message because you are subscribed to the Google Groups > "OrientDB" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. > -- --- You received this message because you are subscribed to the Google Groups "OrientDB" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
