Start on Security Overview beta release docs #8770
base: development
|
||
## Entity access | ||
|
||
The Entity access tab shows the combined access rules for all entities within the application for the currently selected user role. Individual access rules and module roles are here all combined into the concrete access the runtime will give an user with the selected user role. An access rule does apply to an user roles when any of the module roles of the access rule are part of the module roles of the user role. |
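Review bot: In the last sentence of the Entity access paragraph, "does apply to an user roles" is ungrammatical and makes the matching rule hard to read; suggest "An access rule applies to a user role when at least one of the rule's module roles is among the module roles of that user role." The earlier "give an user" should read "give a user", and "are here all combined into" can be shortened to "are combined into". Because this sentence defines when a rule takes effect, a short example of one user role with two module roles would make the any-match semantics unambiguous for someone reviewing access.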
I believe we should mention that we only show entities, attributes, and associations with defined access rules that can be edited. This means we exclude items with no access, as well as access rules for system or protected modules.
Additionally, could we provide an example of combined access rules to make it clearer?
|
||
The Entity access tab shows the combined access rules for all entities within the application for the currently selected user role. Individual access rules and module roles are here all combined into the concrete access the runtime will give an user with the selected user role. An access rule does apply to an user roles when any of the module roles of the access rule are part of the module roles of the user role. | ||
|
||
When combining different access rules the Security Overview followes the same behaviour as the runtime does, meaning that if any access rule defines that a user has been granted access, that user has access. Multiple columns per entity can be shown when XPath constrains apply. Access rules with the same XPath contraint are also combined here so each XPath in this list is unique. |
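Review bot: The added paragraph has three spelling errors, "followes", "constrains" and "contraint", which should read "follows", "constraints" and "constraint". It also says "Multiple columns per entity" and then "each XPath in this list is unique", so it is unclear whether an XPath constraint maps to a column or to a list entry; pick one term and, if that is the intended meaning, state that each column represents one unique XPath constraint. The statement that any granting rule wins ("if any access rule defines that a user has been granted access, that user has access") is the security-relevant point and would read more clearly as its own sentence.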
I’m not sure if the current explanation is entirely clear. Could we rephrase it to something like this: The Entity Access tab shows a summarized view of the permissions that will be applied during runtime for all entities in the selected module for each user role. This helps developers and reviewers easily understand what an end user can or cannot access within the application.
What do you think?
content/en/docs/refguide/modeling/security/security-overview.md
Co-authored-by: EnasAbdelrazek <[email protected]>
@MariaShaposhnikova can you let @katarzyna-koltun-mx know when you have reviewed it so that she can look at it in relation to her work in this area.
@katarzyna-koltun-mx, I have done my first review. I will probably get another look next week, but I think it is good enough to check the dependencies in your area.
Review done.
Docs for the Security Overview, to be released in Beta in 10.18