| | 11 | |
| | 12 | NB: It is a requirement for the notification lookup request that it applies the same permission rules as if the respective user would access the resource online, so that they are only notified about such records they are permitted to access - and of course all additional role-based content rules in the controller are also applied. |
| | 13 | |
| | 14 | For that to work, obviously the subscription must be associated with a user, and hence with the pe_id of a user. If the subscription is not associated with an individual user, then the lookup request is, logically, anonymous. |
| | 15 | |
| | 16 | That means, if you want to subscribe a person entity that is not an individual user, but e.g. a group or an organization, then the target controller and table must be accessible by the ANONYMOUS role. |
