Belatedly... there are already some interesting ideas in this thread, but
just wanted to pick up on your original post ...
On Wednesday, 7 August 2013, David Tildesley wrote:
We are looking at building a RBAC capability that evaluates security
entitlements for users. e.g.
...
if
Dan Haywood wrote:
Even though you say you don't want to think of this in terms of security,
it does feel like a security concern to me... at least insofar that
addRole(user, securityRole) implies access to specific functionality?
Hi Dan,
I think you have misunderstood - the security roles
Hi,
We are looking at building a RBAC capability that evaluates security
entitlements for users. The business rule to determine an effective role may be
based on a combination of the users attributes. e.g. job title, organisation
unit, location, organisation. The rules are not going to be all
: Wednesday, 7 August 2013 6:44 PM
Subject: rules externalised from the code
Hi,
We are looking at building a RBAC capability that evaluates security
entitlements for users. The business rule to determine an effective role may be
based on a combination of the users attributes. e.g. job title
and loaded from a persistent source at run-time and then
executed)?
Regards,
David.
From: David Tildesley davo...@yahoo.co.nz
To: users users@isis.apache.org
Sent: Wednesday, 7 August 2013 6:44 PM
Subject: rules externalised from the code
Hi
Hi Oscar,
Thanks. That's handy. We'll explore that new feature.
Cheers,
David.
Sent from Yahoo! Mail on Android
