Thanks for the replies ! I just test your first solution Mark and it works like a charm !
Sébastien > Le 22 févr. 2016 à 22:47, Mark Wardle <[email protected]> a écrit : > > I wonder whether your rules are being cached. > > I do this instead: > > 100 : entity.name like 'Result*' => isEntityDeletable = > "session.authenticatedUser.role.isSystem" > [er.directtoweb.ERDDelayedKeyValueAssignment] > > or > > 100 : entity.name = 'Seizure' => isEntityEditable = > "object.summaryEpilepsy.patient.security.PATIENT_EDIT" > [er.directtoweb.ERDDelayedKeyValueAssignment] > > where a security property on the patient entity supports arbitrary key paths > that correspond with a specific permission. > > Mark > >> On 22 Feb 2016, at 13:56, Sébastien Rottiers <[email protected] >> <mailto:[email protected]>> wrote: >> >> Hello, >> >> I have two rules to control the access write of my users (isEntityEditable >> and isEntityDeletable). Here is these rules : >> >> 100 : *true* => isEntityEditable = {"conditionKey" = >> "session.userConnected.isAdmin"; "falseValue" = "0"; "trueValue" = "1"; } >> [er.directtoweb.assignments.delayed.ERDDelayedBooleanAssignment], >> 100 : *true* => isEntityDeletable = {"conditionKey" = >> "session.userConnected.isAdmin"; "falseValue" = "0"; "trueValue" = "1"; } >> [er.directtoweb.assignments.delayed.ERDDelayedBooleanAssignment], >> >> It works properly for isEntityEditable (if I login with an admin account I >> can edit the EOs, and if I logout and login with a non admin user I can’t >> edit EOs). But for isEntityDeletable the issue is : on the List pages >> (ERModernLook) I already visited, when I logout/login from admin to non >> admin, the delete button is still displayed. And in dev mode if I clear the >> D2W cache, the delete button disappear as expected. >> >> Am I missing something ? >> >> Thanks, >> Sébastien >> >> >> >> _______________________________________________ >> Do not post admin requests to the list. They will be ignored. >> Webobjects-dev mailing list ([email protected] >> <mailto:[email protected]>) >> Help/Unsubscribe/Update your Subscription: >> https://lists.apple.com/mailman/options/webobjects-dev/mark%40wardle.org >> <https://lists.apple.com/mailman/options/webobjects-dev/mark%40wardle.org> >> >> This email sent to [email protected] <mailto:[email protected]>
_______________________________________________ Do not post admin requests to the list. They will be ignored. Webobjects-dev mailing list ([email protected]) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/webobjects-dev/archive%40mail-archive.com This email sent to [email protected]
