Changes between Version 21 and Version 22 of BluePrintAuthorization
- Timestamp:
- 06/19/10 15:04:58 (14 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
BluePrintAuthorization
v21 v22 201 201 * Simply add the Authenticated group (2) to the table (or records in the table if using Option 3) 202 202 * ~~This requires all authenticated users to be added to the 'Authenticated' group~~ 203 * What if just some fields should be protected? 203 204 204 205 * A Person's Subscriptions shouldn't be visible by default. … … 219 220 * Patch {{{shn_has_permission()}}} & {{{shn_accessible_query()}}} to spot this special case &, if no other roles match, then do a lookup in another table (or deployment_settings dict) 220 221 222 * An Admin should be able to restrict access to records to just those within a certain organisation (or the Focal Point for the organisation) 223 * Add a special role 'Organisation' which can be added to {{{writer_id}}} (& maybe {{{reader_id}}} although less use case for this) 224 * Patch {{{shn_has_permission()}}} & {{{shn_accessible_query()}}} to spot this special case &, if no other roles match, then do a lookup in another table (or deployment_settings dict) 225 221 226 * If access to a record is restricted then access to messages relating to that record should also be restricted 222 227 * unless routed somewhere visible as well! … … 226 231 * Need special handling for this in shn_create/shn_update? 227 232 * Might need to differentiate the 2 (can deposit new but not edit existing) 233 * Might want to be have new records by unauthenticated users not be visible in lists until an admin has approved them 228 234 ---- 229 235 BluePrintAuthenticationAccess
