[Cubicweb] Dynamic security permission

Lourdes Campos luycampos2 at gmail.com
Thu Sep 19 22:21:09 CEST 2013


Hi Sylvain,

Thanks for your quick answer.

We will indeed work on a cube to illustrate some issues that we can not yet
resolve by our own.

Some of them could be related to our learning process, others could be even
bugs that we can spot.

Glad to start sharing with the CubicWeb community.

Thanks in advance.


2013/9/18 Lourdes Campos <luycampos2 at gmail.com>

> Hi List,
>
> I am Lourdes Campos, from Mexico.
> We are using CubicWeb (introduced by CreaLibre) for an internal project at
> my Company.
>
> I'm trying to define dynamic security permission, so that users can create
> a relation only if they can Update the current entity AND Read the other
> one, regardless of which one is the Subject or Object in the relation.
> So far, I have this in the permission definition:
> RRQLExpression('U has_update_permission S')
> but it assumes that l'm Updating the S.(not the Object)
> How could I make this work, leaving roles aside? Thanks for your time.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cubicweb.org/pipermail/cubicweb/attachments/20130919/3bae54c8/attachment-0127.html>


More information about the Cubicweb mailing list