[Cubicweb] Dynamic security permission
luycampos2 at gmail.com
Wed Sep 18 23:08:29 CEST 2013
I am Lourdes Campos, from Mexico.
We are using CubicWeb (introduced by CreaLibre) for an internal project at
I'm trying to define dynamic security permission, so that users can create
a relation only if they can Update the current entity AND Read the other
one, regardless of which one is the Subject or Object in the relation.
So far, I have this in the permission definition:
RRQLExpression('U has_update_permission S')
but it assumes that l'm Updating the S.(not the Object)
How could I make this work, leaving roles aside? Thanks for your time.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Cubicweb