Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Modeling » EMF » [CDO] Security Model, I dont want that user can see all directories
[CDO] Security Model, I dont want that user can see all directories [message #1776313] Wed, 15 November 2017 09:12 Go to next message
Patrick Tessier is currently offline Patrick TessierFriend
Messages: 199
Registered: July 2009
Location: Paris Saclay, France
Senior Member
Hi,
When I create a User:Bob, he can see all directories of the repository.

I would like that a Bob see only model inside a specific directory for example /home/commonproject.
So I have createed a resource fiter with the sepcific path in write
WIRTE==/home/commonproject
Result Bob can see write in the directory common project but can read other directory in the repository /home/alice (but not its content). Is it normal?

How can I do to see only my specificy directory only /home/commonproject ?

More over I would like also to have the permisssion to write only specific object inside models of /home/commonproject. How can I write in security model?
Re: [CDO] Security Model, I dont want that user can see all directories [message #1776340 is a reply to message #1776313] Wed, 15 November 2017 13:18 Go to previous message
Christian W. Damus is currently offline Christian W. DamusFriend
Messages: 1162
Registered: July 2009
Location: Canada
Senior Member

Hi, Patrick,

According to the CDO Wiki, you should be able to define READ permission filters as well as WRITE permission. So, perhaps your user role could have a READ filter that matches only /home/commonproject? This should looks something like the "Home Folder /home" role example in the wiki.

In order to access the commonproject/ subfolder of home/, it is of course necessary to be able to traverse the home/ folder, itself. So, that means being able to read it. As in a UNIX-like filesystem, that would imply knowing its contents but not being able to read them. I expect that this is normal in CDO, also. But my knowledge of the security model is fuzzy and several years old; perhaps Eike knows of any changes since 2013.

HTH,

Christian
Previous Topic:OMG-XML and XMI convert to Ecore?
Next Topic:[xcore] using "id" as attribute name
Goto Forum:
  


Current Time: Tue Jan 16 07:39:21 GMT 2018

Powered by FUDForum. Page generated in 0.02003 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software