Hey fedora users, I think I got the hang of writing policies now but I want to know if it is possible to somehow control the values when, say, creating a new object called user in the database? For instance if I the subject that wants to create a new object only have the permission of creating a user with the same role as I have and roles that have less permissions than my role.
Or another example. If a subject belonging to a specific organization is only allowed to create objects of the type note within his own organization? Is that even possible with an XACML policy? -- With Best Regards Tomasz Cielecki ------------------------------------------------------------------------------ Storage Efficiency Calculator This modeling tool is based on patent-pending intellectual property that has been used successfully in hundreds of IBM storage optimization engage- ments, worldwide. Store less, Store more with what you own, Move data to the right place. Try It Now! http://www.accelacomm.com/jaw/sfnl/114/51427378/ _______________________________________________ Fedora-commons-users mailing list Fedora-commons-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/fedora-commons-users
