Versions Compared

Old Version 98

changes.mady.by.user Prachi Damle

Saved on

compared with

New Version 99

changes.mady.by.user Min Chen

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • As illustrated in the above access flow, the access checks get invoked when the resource Ids in the API Cmd are annotated.
  • Thus we will have to edit all existing API Cmds and add the relevant @ACL annotation on the primary resource Ids the command operates on.
  • For any other resources that the command works with, the current access checks placed in the service layer will invoke the SecurityChecker.
  • These current access checks pass the AccessType whereever needed or mostly pass null. Our SecurityChecker will interpret null as a 'ReadUseEntry' access. In the 'acl_permission' schema, all List* APIs will be marked as 'ReadUseEntry' AccessType entries to facilitate this access check.

...