Forget my previous post, in fact, it doesn’t work for me (I had forgotten to remove the clear d2w cache by the code, thing that doesn’t work in deployment).
> Le 23 févr. 2016 à 09:42, Sébastien Rottiers <[email protected]> a écrit : > > Thanks for the replies ! > > I just test your first solution Mark and it works like a charm ! > > Sébastien > >> Le 22 févr. 2016 à 22:47, Mark Wardle <[email protected] >> <mailto:[email protected]>> a écrit : >> >> I wonder whether your rules are being cached. >> >> I do this instead: >> >> 100 : entity.name like 'Result*' => isEntityDeletable = >> "session.authenticatedUser.role.isSystem" >> [er.directtoweb.ERDDelayedKeyValueAssignment] >> >> or >> >> 100 : entity.name = 'Seizure' => isEntityEditable = >> "object.summaryEpilepsy.patient.security.PATIENT_EDIT" >> [er.directtoweb.ERDDelayedKeyValueAssignment] >> >> where a security property on the patient entity supports arbitrary key paths >> that correspond with a specific permission. >> >> Mark >> >>> On 22 Feb 2016, at 13:56, Sébastien Rottiers <[email protected] >>> <mailto:[email protected]>> wrote: >>> >>> Hello, >>> >>> I have two rules to control the access write of my users (isEntityEditable >>> and isEntityDeletable). Here is these rules : >>> >>> 100 : *true* => isEntityEditable = {"conditionKey" = >>> "session.userConnected.isAdmin"; "falseValue" = "0"; "trueValue" = "1"; } >>> [er.directtoweb.assignments.delayed.ERDDelayedBooleanAssignment], >>> 100 : *true* => isEntityDeletable = {"conditionKey" = >>> "session.userConnected.isAdmin"; "falseValue" = "0"; "trueValue" = "1"; } >>> [er.directtoweb.assignments.delayed.ERDDelayedBooleanAssignment], >>> >>> It works properly for isEntityEditable (if I login with an admin account I >>> can edit the EOs, and if I logout and login with a non admin user I can’t >>> edit EOs). But for isEntityDeletable the issue is : on the List pages >>> (ERModernLook) I already visited, when I logout/login from admin to non >>> admin, the delete button is still displayed. And in dev mode if I clear the >>> D2W cache, the delete button disappear as expected. >>> >>> Am I missing something ? >>> >>> Thanks, >>> Sébastien >>> >>> >>> >>> _______________________________________________ >>> Do not post admin requests to the list. They will be ignored. >>> Webobjects-dev mailing list ([email protected] >>> <mailto:[email protected]>) >>> Help/Unsubscribe/Update your Subscription: >>> https://lists.apple.com/mailman/options/webobjects-dev/mark%40wardle.org >>> <https://lists.apple.com/mailman/options/webobjects-dev/mark%40wardle.org> >>> >>> This email sent to [email protected] <mailto:[email protected]> > _______________________________________________ > Do not post admin requests to the list. They will be ignored. > Webobjects-dev mailing list ([email protected]) > Help/Unsubscribe/Update your Subscription: > https://lists.apple.com/mailman/options/webobjects-dev/sebro%40mac.com > > This email sent to [email protected]
_______________________________________________ Do not post admin requests to the list. They will be ignored. Webobjects-dev mailing list ([email protected]) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/webobjects-dev/archive%40mail-archive.com This email sent to [email protected]
