CRUD security not respecting Actor <--> <<Manageable>> associations
-------------------------------------------------------------------
Key: BPM-253
URL: http://jira.andromda.org/browse/BPM-253
Project: Bpm4Struts Cartridge
Type: Bug
Components: CRUD
Versions: 3.1-RC1
Environment: Linux (Ubuntu) JDK 1.5/1.4 MagicDraw 9.5 sp1
Reporter: Tim Dysinger
Assigned to: Wouter Zoons
Priority: Critical
Doesn't matter who is logged into the application when security is enabled.
Anyone can create/delete <<Manageable>> entities. This is a show stopper for
my application as I can't deploy it until it's fixed. We don't want regular
users creating or deleting sensitive <<Entity>> instances.
-------------------------------------------------------
SF.Net email is Sponsored by the Better Software Conference & EXPO
September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices
Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA
Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
