That appears to be a C&P from a dev mailing list discussion, and oddly
it has nothing to do with the subject - "Complete the migration of older
bsh/ftl files to widgets"
Adrian Crum
Sandglass Software
www.sandglass-software.com
On 10/2/2014 8:00 PM, Nicolas Malin wrote:
Jacopo, we are both on the subject : Complete the migration of older
bsh/ftl files to widgets
But I don't understand the description :
===
Change the Entity Engine to be user aware for security, logging
This would be a change to require that a userLogin be passed to all
Entity Engine calls. The Entity Engine could then check permissions to
see if the user can modify or view that entity, or that record. The
Entity Engine could also auto-populate fields like created by and
updated by.
There are big downsides to this in that it is a real pain to ALWAYS have
to know which user is doing stuff, and lots of our services don't know
who the user is or use the "system" user to get around security
constraints. The same thing would have to happen if we did this for the
EE. This would also require major API refactoring, which we would
probably want to precede with a big reduction in API size, as has been
started but isn't yet finished.
Maybe the API refactoring wouldn't be necessary if we created a
user-aware decorator for the GenericDelegator.
===
Which report with migration of older bsh/ftl files to widgets and the
Entity Engine. I have a big doubt now ;) .
Nicolas
--
Nicolas Malin - Consultant - 06 17 66 40 06 -- http://nereide.fr
La société Néréide participe aux Salons Solutions sur le Stand E18bis
<http://www.salons-solutions.com>
<http://www.salons-solutions.com>
