Skip to main content


Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Modeling » EMF » [CDO] Security Manager and Package Filter
[CDO] Security Manager and Package Filter [message #1454368] Tue, 28 October 2014 09:49 Go to next message
Paweł Doleciński is currently offline Paweł DolecińskiFriend
Messages: 44
Registered: January 2014
Member
Hi,

I created simple as I thought security policy for my models in CDO but I ended up with not working PackageFilter used as a permission in a role.

Let me describe the situation in detail.

In CDO Server I have a "limited" folder with model resources inside.
I turned on Security Manager by simply adding
<securityManager type="default" description="/security:annotation:home(/home)"/>


Then, all users have read only access to all resources inside the "limited" folder expressed by the fololwing two Resource Filters:


  • READ resource >= /limited
    - folders = true
    - text resources = true
    - binary resources = true
    - model resources = true
    - model objects = true
    - include parents = true
    - include root = true
  • WRITE resource >= /limited
    - folders = false
    - text resources = false
    - binary resources = false
    - model resources = false
    - model objects = false
    - include parents = false
    - include root = false

In the "limited" folder I created a new model resource with several EPackage objects as roots.

Now I'd like to give a write access for users only to one of EPackage object.
So I made a new rule with Package Filter:

  • WRITE package == MyPackage
    - applicable Package = MyPackage

All roles are assigned to the proper users.
A conclusion is that Package Filter does not work, all EPackage objects got read only access anyway.

Any ideas? What am I doing wrong?

Thanks
Paweł
Re: [CDO] Security Manager and Package Filter [message #1471461 is a reply to message #1454368] Thu, 13 November 2014 05:07 Go to previous message
Eike Stepper is currently offline Eike StepperFriend
Messages: 6433
Registered: July 2009
Senior Member
Am 28.10.2014 um 10:49 schrieb Paweł Doleciński:
> Hi,
>
> I created simple as I thought security policy for my models in CDO but I ended up with not working PackageFilter used
> as a permission in a role.
>
> Let me describe the situation in detail.
>
> In CDO Server I have a "limited" folder with model resources inside.
> I turned on Security Manager by simply adding <securityManager type="default"
> description="/security:annotation:home(/home)"/>
>
> Then, all users have read only access to all resources inside the "limited" folder expressed by the fololwing two
> Resource Filters:
>
>
> READ resource >= /limited
> - folders = true
> - text resources = true
> - binary resources = true
> - model resources = true
> - model objects = true
> - include parents = true
> - include root = true
> WRITE resource >= /limited
> - folders = false
> - text resources = false
> - binary resources = false
> - model resources = false
> - model objects = false
> - include parents = false
> - include root = false
>
> In the "limited" folder I created a new model resource with several EPackage objects as roots.
>
> Now I'd like to give a write access for users only to one of EPackage object.
> So I made a new rule with Package Filter:
>
> WRITE package == MyPackage
> - applicable Package = MyPackage
>
> All roles are assigned to the proper users.
> A conclusion is that Package Filter does not work, all EPackage objects got read only access anyway.
>
> Any ideas? What am I doing wrong?
I fear without a minimal test case that reproduces the problem it's not possible for me to tell what's going wrong. The
following CDO test cases may serve you as examples:

Bugzilla_399487_Test
Bugzilla_417483_Test
Bugzilla_418267_Test
Bugzilla_422170_Test

Cheers
/Eike

----
http://www.esc-net.de
http://thegordian.blogspot.com
http://twitter.com/eikestepper


Previous Topic:[CDO] Persistance Strategy for Java Objects
Next Topic:[CDO] references between different packages / DanglingReferenceException
Goto Forum:
  


Current Time: Sat May 25 03:16:04 GMT 2019

Powered by FUDForum. Page generated in 0.01627 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software

Back to the top