RESTForms icon indicating copy to clipboard operation
RESTForms copied to clipboard

Published 20 hours ago verified publisher icon intersystems-community

Security on FORMPERMISSIONS

Open eduard93 opened this issue 9 years ago • 2 comments

eduard93 avatar Jul 05 '16 14:07 eduard93

Discussed with @dmitry-zasypkin today. Points:

  • Parameter FORMEDITROLE - form-specific role if $roles has it, user can edit form fields
  • Parameter CANCREATEFORM - application wide role, that $roles must possess for user to create forms
  • QUESTION: role check&inheritance ($roles has a role1, which has role2). Param (from above) is role2. How do we check that $roles has role2

eduard93 avatar Jul 08 '16 16:07 eduard93

Answer: roles are flattened. In the above example (user has role1 which has role2, users $roles would be equal to role1,role2)

Except for %ALL

eduard93 avatar Jul 08 '16 17:07 eduard93