Changes between Version 76 and Version 77 of S3/S3AAA


Ignore:
Timestamp:
02/19/11 19:12:23 (11 years ago)
Author:
Dominic König
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • S3/S3AAA

    v76 v77  
    195195If {{{restricted}}} is {{{False}}} or undefined for a controller, then simple authorization is used for controller access.
    196196
     197  ''NB: We could assume that if there is no ACL defined for a controller then this controller is unrestricted. However, this would require a second DB lookup per run to check whether the controller is restricted at all in case no specific ACL for the current user is found, and in order to keep this efficient, we introduced this deployment setting (which is also less confusing behavior).''
     198
    197199The Controller ACL can be defined for all functions in a controller, and additionally for particular functions inside a controller, where the function-specific ACLs override the general controller ACL. That means, you can define a general ACL for the {{{pr}}} controller, and a different one for the {{{pr/person}}} function.
    198200