[Cubicweb] RRQLExpression and ERQLExpression

Jinpeng Li mr.li.jinpeng at gmail.com
Tue Apr 15 20:16:09 CEST 2014


Thank you for all your answers. Now I understand very well considering
permission mechanism.

Best regards,
Jinpeng


On Tue, Apr 15, 2014 at 6:05 PM, Aurélien Campéas <
aurelien.campeas at logilab.fr> wrote:

> On 15/04/2014 17:44, Jinpeng Li wrote:
> > I can read a lot of other information from the system. From this point,
> > I don't know if it is a good idea that "all users should be in the
> > 'users' group".
> >
>
> This is a very lenient default and could be tightened, indeed.
>
> In practice, application writers may want their own policy for
> "users", or even a subtle partition over those (e.g. from "registered
> but read-only people") to some kind of power users.
>
> It is not completely easy ... I guess this is what Sylvain alludes to
> when he says we're thinking about it.
>
> You can always:
>
> * monkeypatch the relevant etype/rtype permissions (right up to
>   cubicweb and the cubes you depend on)
>
> * monkeypatch the _default_ permission dictionaries if needed. Here be
>   some dragons but it is doable.
>
>
> Regards,
> Aurélien.
>
> _______________________________________________
> Cubicweb mailing list
> Cubicweb at lists.cubicweb.org
> http://lists.cubicweb.org/mailman/listinfo/cubicweb
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cubicweb.org/pipermail/cubicweb/attachments/20140415/d680c1ed/attachment-0186.html>


More information about the Cubicweb mailing list