You'd only be looking at farBarnacle if you were looking at tree-based content types that you wanted to bind to the inheritance model on the tree. Otherwise you might as well just look at the ownership id of the individual content instance -- and that would be pretty straightforward.
You can list objects that match the same ownership id and also put a check on the edit handler to block users who don't have a matching ownership id. Hope that helps, --geoff http://www.daemon.com.au/ On Oct 5, 10:25 pm, Scott Mebberson <[email protected]> wrote: > I've been looking into the new security stuff in application.security. > I've been trying to work out how to secure an object, specific to user > and permission. For example, I'd like userA to have the ObjectView > permission for a particular object, but I don't want userB to have the > ObjectView permission for the same object. > > It looks like application.security.checkPermission is what I'm looking > for, but I don't want to secure based on roles alone, but be as > specific as the user itself. > > I get the feeling this isn't possible? Any ideas on what the best way > to approach the above is? > > I'm creating a custom editing interface, and this stuff has nothing to > do with formtools or FarCry admin. I basically want to secure the > editing interface for objects, such that only the owner can view the > editing interface for the objects they own. Is there a way to > elegantly achieve what I want using the ownedby property of > farBarnacle? -- You received this message cos you are subscribed to "farcry-dev" Google group. To post, email: [email protected] To unsubscribe, email: [email protected] For more options: http://groups.google.com/group/farcry-dev -------------------------------- Follow us on Twitter: http://twitter.com/farcry
