Projects:Extensible Security Model
The security model is currently based on a record's client/organization to determine whether a row is visible and editable.
In some cases, it would be desirable to allow modules to extend this model so that a record can be accessed based on any arbitrary rule defined within that module.
Modules can define new security policies to determine which records are accessible. Such a module may take into account only a set of entities rather than all of them.
For example, it would be possible to install a module that provides Project Based Security. With this module installed, only the records that are in the granted projects would be accessible. This module would restrict only those entities that are related (at any level) to projects; the rest of the entities would keep the default security model.
Modules providing a new security model implement a new interface. These implementations are used through dependency injection, wherever needed, to extend the queries that restrict access.
The simplest approach would be for this interface to define which entities it affects. For each of these entities, it would return the property to restrict based on current session info.
In the example of Project Based Security, this interface would affect entities like Order, Order Line and Order Line Tax but not Business Partner. For Order and Order Line, the property to be checked would be Project in both cases. As Order Line Tax has no direct project info, it would use the project of its parent (Order Line).
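The interface approach described above, sketched as an added example that is not part of the original page or of the Openbravo code base. The type names, the property paths, the `e` query alias and the `grantedProjects` session key are assumptions, as is the choice to return no rows when the session has no granted projects.

```java
import java.util.*;
// All type, property and session-key names here are hypothetical, not Openbravo API.
public class ExtensibleSecurityExample {
  /** Contract a module implements to add its own record-level restriction. */
  interface SecurityPolicy {
    /** Affected entity name -> property path (from that entity) to restrict on. */
    Map<String, String> restrictedProperties();
    /** Values of that property the current session is granted. */
    Set<String> grantedValues(Map<String, Object> session);
  }

  /** Project Based Security: Order Line Tax has no project, so it goes through its parent. */
  static class ProjectPolicy implements SecurityPolicy {
    public Map<String, String> restrictedProperties() {
      return Map.of("Order", "project.id", "OrderLine", "project.id",
          "OrderLineTax", "orderLine.project.id");
    }
    @SuppressWarnings("unchecked")
    public Set<String> grantedValues(Map<String, Object> session) {
      return (Set<String>) session.getOrDefault("grantedProjects", Set.of());
    }
  }

  /** Appends each applicable policy to the default filter; values are bound, never inlined. */
  static String restrict(String entity, String baseWhere, List<SecurityPolicy> policies,
      Map<String, Object> session, Map<String, Object> params) {
    StringBuilder where = new StringBuilder(baseWhere);
    for (SecurityPolicy policy : policies) {
      String path = policy.restrictedProperties().get(entity);
      if (path == null) continue; // entity not affected: default model only
      Set<String> granted = policy.grantedValues(session);
      if (granted.isEmpty()) { where.append(" and 1=0"); continue; } // assumption: fail closed
      String name = "sec" + params.size();
      where.append(" and e.").append(path).append(" in (:").append(name).append(")");
      params.put(name, granted);
    }
    return where.toString();
  }

  public static void main(String[] args) {
    Map<String, Object> session = Map.of("grantedProjects", Set.of("P-100")); // constructed
    String base = "e.client.id in (:clients) and e.organization.id in (:orgs)";
    for (String entity : List.of("Order", "OrderLineTax", "BusinessPartner")) {
      Map<String, Object> params = new HashMap<>();
      String where = restrict(entity, base, List.of(new ProjectPolicy()), session, params);
      System.out.println(entity + ": " + where + " " + params);
    }
  }
}
```

Business Partner comes back with only the client/organization filter, while Order Line Tax is restricted through its parent's project path.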
Where it should be used
initialize method, different restrictions are added.
addOrgClientActiveFilter method sets Client, Org and Active filtering.
checkWriteAccess determines whether it is possible to write a Dal object. This is used when using
- Used to fetch data for grids,
getWhereClause method is in charge of creating the query's where clause.
- Web Services
- XML web service is using OBCriteria. JSON web service is using
Open Items to Discuss
- Should this security model restrict only complete access, or should it provide read-only access to some records?