Changes between Version 96 and Version 97 of S3/S3AAA


Ignore:
Timestamp:
09/10/12 17:43:12 (12 years ago)
Author:
Dominic König
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • S3/S3AAA

    v96 v97  
    139139  '''NOTE:''' you can have both an individual record owner and an owner role for the same record at the same time, where the individual owner doesn't need to have the owner role.
    140140
    141   '''NOTE:''' the {{{owned_by_entity}}} field associates the record with a realm (see [#OrgAuth]) - it has ''no'' relevance for the ownership of the record by an individual user.
    142 
    143   '''NOTE:''' If a record has '''no owner''', i.e. if both {{{owned_by_user}}} and {{{owned_by_role}}} are '''None''', then all authenticated users are considered the owner of this record (public record). As a consequence of that, any owner ACLs for the AUTHENTICATED-role would always include all records without owner - regardless of which realm they belong to.
    144 
    145    ''Future versions could implement a deployment option to apply ownership more strictly and consider records without owner as not owned by any user (rather than as owned by all users).''
     141  '''NOTE:''' the {{{owned_by_entity}}} field associates the record with a realm (see [#OrgAuth]) - it has ''no'' relevance for the ownership of the record by an individual user. A user can own of records any realm.
     142
     143  '''NOTE:''' If a record has '''no owner''', i.e. if both {{{owned_by_user}}} and {{{owned_by_role}}} are '''None''', then all authenticated users are considered the owner of this record (public record). ''As a consequence of that, any owner ACLs for the AUTHENTICATED-role would always include all records without owner - regardless of the realm they belong to.''
     144
     145''Future versions could implement a deployment option to apply ownership strictly, i.e. to consider records without owner as not owned by any user (rather than as owned by all users).''
    146146==== Session-Ownership  ====
    147147For anonymous users we can make the session own the records, so that a user can edit records they've just created, or read their cached feature queries.