Thanks Marcel by your interest to help me. So, let me see if I got what you said. I have to store in the user nodes a propertie per each node the user has rights to access, for ex: Node user=getnode(userid); user.setProperty(nodeid,"read/write");
Would be nearly this way? So the query will test if the usernode has the property with the nodeid name and the value with the right allowed. Please, I need more comments about it. Helio. >hsp wrote: >> Let's supose I need to store in a useraccess propertie of myapp:user >> node type two values: itemId and kindRight (concatenated..., maybe). >> Will I get success using the propertie associating it with mixin >> (multiple values)? So the user Node Helio, has the propertie >> useraccess with the values: '1234,read', '1235,write', ... I must >> store the multi values into the useracess propertie like a row in a >> table, and when test access rights in a node, first I have got to >> find if the id of that node is stored in any value of the propertie >> (useraccess) and in the string that contains the nodeid has the >> proper right too (read, write,...), ok?? I can do this with a query >> by xpath, searching in the node with the id for that user, if >> contains a string in that propertie...Am I right? > > >> So, this way I can do my security verifications, before any >> operations, ok? > >using a query in this case is technically possible, but I doubt that >executing a query on each item access will perform reasonably. > >I rather recommend to re-arrange your access control structure in a way >that allows you to address them directly. e.g. use the item id as a >property name that contains the access right value? > >regards > marcel >
