[Cubicweb] Dynamic security permission

Lourdes Campos luycampos2 at gmail.com
Wed Sep 18 23:08:29 CEST 2013


Hi List,

I am Lourdes Campos, from Mexico.
We are using CubicWeb (introduced by CreaLibre) for an internal project at
my Company.

I'm trying to define dynamic security permission, so that users can create
a relation only if they can Update the current entity AND Read the other
one, regardless of which one is the Subject or Object in the relation.
So far, I have this in the permission definition:
RRQLExpression('U has_update_permission S')
but it assumes that l'm Updating the S.(not the Object)
How could I make this work, leaving roles aside? Thanks for your time.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cubicweb.org/pipermail/cubicweb/attachments/20130918/b17d49d3/attachment-0126.html>


More information about the Cubicweb mailing list