Details
-
Story
-
Resolution: Duplicate
-
Neutral
-
None
-
None
-
None
-
None
Description
Each module will bring its own acl security template maybe based on some default one.
Example:
#Module ACL's setup example:
apps:
type: APP
appList:
- pages: #app name
subapps:
subapp1: #subapp name
actions:
- save
- edit
- rename
subapp2:
actions:
- rename
- dam:
subapps:
subapp1:
actions:
- edit
- rename
subapp2:
actions:
- rename
uri:
type: URI
content:
type: CONTENT
basePaths:
- pages:
basePath: "/pages"
- assets:
basePath: "/assets"
#stored right list for role pages editor created from pages Module ACL's setup uri: - travel: path: "/travel" right: GET_AND_POST # from GET|GET_AND_POST|DENY allowed by URI definition - sportStation: path: "/sportStation" right: GET_AND_POST # from GET|GET_AND_POST|DENY allowed by URI definition content: - pages: path1: path: "/" environment: 0 #optional right: WRITE #from READ|WRITE|DENY allowed by CONTENT definition depth: INCLUDING_SUB-PATHS # from EXACT_PATH|SUB-PATHS_ONLY|INCLUDING_SUB-PATHS - assets: travel: path: "/travel" environment: 0 #optional right: READ #from READ|WRITE|DENY allowed by CONTENT definition depth: INCLUDING_SUB-PATHS # from EXACT_PATH|SUB-PATHS_ONLY|INCLUDING_SUB-PATHS sportStation: path: "/sportStation" environment: 0 #optional right: READ #from READ|WRITE|DENY allowed by CONTENT definition depth: INCLUDING_SUB-PATHS # from EXACT_PATH|SUB-PATHS_ONLY|INCLUDING_SUB-PATHS apps: - pages: right: ALLOW #from ALLOW|DENY browser: edit: right: ALLOW #from ALLOW|DENY - dam: right: ALLOW #from ALLOW|DENY browser: view: right: ALLOW #from ALLOW|DENY
and we store for role values according to this template.
We need to version it to check if there is need of administrator change after template change.
We need to think about base path for module related content so content paths will be relative to this content. Is it needed/wanted?
Checklists
Acceptance criteria
Attachments
Issue Links
- mentioned in
-
Page Loading...