Changes between Version 56 and Version 57 of S3/S3AAA
- Timestamp:
- 02/08/11 19:50:29 (14 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
S3/S3AAA
v56 v57 122 122 6. An ACL for the ''aaa_bbbbb'' table, which sets {{{(uacl=NONE, oacl=READ)}}} for the ''Clerk'' role 123 123 124 With this configuration, a user who has the ''OrgX Staff'' role, would own record ''Y''. But this role doesn't give him any permission to access the record (no ACL defined on ''aaa_bbbbb'' for role ''OrgX Staff''). 124 With this configuration, a user who has the ''OrgX Staff'' role, would own record ''Y''. However, the fact that he owns the record doesn't give him any permission to access it. 125 126 (Note that there is intentionally no ACL defined on ''aaa_bbbbb'' for role ''OrgX Staff''!) 125 127 126 128 If the user would have both, the ''OrgX Staff'' and the ''Boss'' roles, then he would own the record ''Y'' (as per {{{owned_by}}}) and also be permitted to {{{read}}}, {{{update}}} and {{{delete}}} this record (as per ACL for ''Boss''), and additionally, he could add new records to ''aaa_bbbbb''.
