ipm
ipm copied to clipboard
intersystems
Security resources management
Introduce Resources and Roles support in ZPM
Make Generate manage Resources and Roles security entries
I would create one resource processor for an IRIS Resource and one for an IRIS role. Is that a valid approach?
Perhaps leverage cpf merge files so a merge file could be shipped with the module that gets applied upon module installation
Going that route I could see someone implementing a resource processor for CPF merge files and marking it as preload. Because you can create other system level artifacts using CPFs, like databases, I think you would want the processor to invoke iris merge before the other resources enter the Reload phase in their lifecycles, in order that those resources get compiled into the database specified by the merge cpf. So, sticking with this hypothetical, you would want to mark the CPF resource processor as preload, have it call iris merge during the activate lifecycle phase so that the databases get created, and then get the rest of your resources to map to that database.
Some artifacts specified by merge cpf only get created on instance restart, so there could be ambiguity where someone is trying to create an artifact via a merge cpf but it doesn't work.
Note, one approach here (which my team has used to a limited extent) would be a %Studio.AbstractDocument wrapping XML import/export of a Security.* object. This is really something that belongs more at the platform level though.
