This commit is contained in:
@@ -42,6 +42,8 @@ namespace AyaNova.Biz
|
||||
//AyaNova.Biz.BizRoles
|
||||
//AyaNova.Biz.BizObjectNameFetcherDIRECT
|
||||
|
||||
//and in the CLIENT in ayatype.js
|
||||
|
||||
}
|
||||
|
||||
|
||||
|
||||
@@ -15,14 +15,16 @@ namespace AyaNova.Biz
|
||||
|
||||
static BizRoles()
|
||||
{
|
||||
//TODO: change this entire block to work off a fragment of JSON that can be shared with the Client side project as well
|
||||
|
||||
//Add all object roles here
|
||||
//NOTE: do not need to add change roles to read roles, Authorized.cs takes care of that automatically
|
||||
//by assuming if you can change you can read
|
||||
|
||||
//HOW THIS WORKS / WHATS EXPECTED
|
||||
//CHANGE = CREATE, RETRIEVE, UPDATE, DELETE - Full rights
|
||||
//EDITOWN = special subset of CHANGE: You can create and if it's one you created then you have rights to edit it or delete, but you can't edit ones others have created
|
||||
//READ = You can read *all* the fields of the record, but can't modify it. Change is automatically checked for so only add different roles from change
|
||||
//Change = CREATE, RETRIEVE, UPDATE, DELETE - Full rights
|
||||
//EditOwn = special subset of CHANGE: You can create and if it's one you created then you have rights to edit it or delete, but you can't edit ones others have created
|
||||
//ReadFullRecord = You can read *all* the fields of the record, but can't modify it. Change is automatically checked for so only add different roles from change
|
||||
//PICKLIST NOTE: this does not control getting a list of names for selection which is role independent because it's required for so much indirectly
|
||||
//DELETE = There is no specific delete right for now though it's checked for by routes in Authorized.cs in case we want to add it in future as a separate right from create.
|
||||
|
||||
|
||||
Reference in New Issue
Block a user