Changes between Version 56 and Version 57 of S3/S3AAA


Ignore:
Timestamp:
02/08/11 19:50:29 (11 years ago)
Author:
Dominic König
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • S3/S3AAA

    v56 v57  
    122122  6. An ACL for the ''aaa_bbbbb'' table, which sets {{{(uacl=NONE, oacl=READ)}}} for the ''Clerk'' role
    123123
    124 With this configuration, a user who has the ''OrgX Staff'' role, would own record ''Y''. But this role doesn't give him any permission to access the record (no ACL defined on ''aaa_bbbbb'' for role ''OrgX Staff'').
     124With this configuration, a user who has the ''OrgX Staff'' role, would own record ''Y''. However, the fact that he owns the record doesn't give him any permission to access it.
     125
     126(Note that there is intentionally no ACL defined on ''aaa_bbbbb'' for role ''OrgX Staff''!)
    125127
    126128If the user would have both, the ''OrgX Staff'' and the ''Boss'' roles, then he would own the record ''Y'' (as per {{{owned_by}}}) and also be permitted to {{{read}}}, {{{update}}} and {{{delete}}} this record (as per ACL for ''Boss''), and additionally, he could add new records to ''aaa_bbbbb''.