| 69 | Permissions can be set separately for users owning a record (Owner ACL, {{{oacl}}}) and for any other user (User ACL, {{{uacl}}}). |
| 70 | |
| 71 | Tables can implement record ownership by adding two meta fields: |
| 72 | |
| 73 | ||Field name||Type||Description|| |
| 74 | ||created_by||integer (reference auth_user)||ID of the user who has created this record|| |
| 75 | ||owned_by||integer (reference auth_group)||ID of the group (role) that owns the record|| |
| 76 | |
| 77 | These meta fields are contained in both {{{s3_authorstamp()}}} and {{{s3_meta_fields()}}}. |
| 78 | |
| 79 | A user is considered ''owner'' of a record if they either created the record (user ID == {{{created_by}}}) or are a member of the owner group ({{{owned_by}}} in user roles). |
| 80 | |
| 81 | In tables which do not define either of these meta-fields, ownership rules are not applied. |
| 82 | |
| 83 | If a user owns a record, then the most permissive of the User ACL and the Owner ACL is applied (i.e. setting the Owner permissions to be more restrictive than the User permissions has no effect). |
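The ownership test and ACL resolution described above, as an added Python sketch that is not part of the original page or of the S3 code base. The function names, the permission bit values, reading "most permissive" as the bitwise union, the fallback to the User ACL when a table has neither meta field, and the treatment of unset (NULL) owner fields as matching nobody are all assumptions made for the illustration.

```python
# Added illustration, not S3 code: the bit values and all names are assumptions.
NONE, CREATE, READ, UPDATE, DELETE = 0x0, 0x1, 0x2, 0x4, 0x8

def is_owner(record, user_id, user_roles):
    """Apply the ownership rule; return None if the table has neither meta field."""
    if "created_by" not in record and "owned_by" not in record:
        return None  # ownership rules are not applied to this table
    # Assumption: an unset (None) field matches nobody, so an anonymous
    # user (user_id None) never "owns" a record whose created_by is NULL.
    if user_id is not None and record.get("created_by") == user_id:
        return True
    owned_by = record.get("owned_by")
    return owned_by is not None and owned_by in user_roles

def effective_acl(record, user_id, user_roles, uacl, oacl):
    """Owners get the union of both ACLs; everyone else gets the User ACL."""
    if is_owner(record, user_id, user_roles):
        return uacl | oacl
    return uacl  # non-owner, or ownership not applicable (assumed fallback)

def permitted(acl, method):
    """True if every bit of the requested method is granted."""
    return (acl & method) == method

# Constructed sample data
RECORD = {"id": 1, "created_by": 7, "owned_by": 3}
NO_META = {"id": 2, "name": "no ownership fields"}
UNSET = {"id": 3, "created_by": None, "owned_by": None}

if __name__ == "__main__":
    for label, uid, roles in [("creator", 7, {2}), ("group member", 9, {3}),
                              ("other user", 9, {2})]:
        acl = effective_acl(RECORD, uid, roles, uacl=READ, oacl=READ | UPDATE)
        print(f"{label}: update allowed = {permitted(acl, UPDATE)}")
```
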