diff --git a/server/AyaNova/biz/AyaType.cs b/server/AyaNova/biz/AyaType.cs index 1f037f6a..486f5768 100644 --- a/server/AyaNova/biz/AyaType.cs +++ b/server/AyaNova/biz/AyaType.cs @@ -42,6 +42,8 @@ namespace AyaNova.Biz //AyaNova.Biz.BizRoles //AyaNova.Biz.BizObjectNameFetcherDIRECT + //and in the CLIENT in ayatype.js + } diff --git a/server/AyaNova/biz/BizRoles.cs b/server/AyaNova/biz/BizRoles.cs index 5d35bafb..f12369bc 100644 --- a/server/AyaNova/biz/BizRoles.cs +++ b/server/AyaNova/biz/BizRoles.cs @@ -15,14 +15,16 @@ namespace AyaNova.Biz static BizRoles() { + //TODO: change this entire block to work off a fragment of JSON that can be shared with the Client side project as well + //Add all object roles here //NOTE: do not need to add change roles to read roles, Authorized.cs takes care of that automatically //by assuming if you can change you can read //HOW THIS WORKS / WHATS EXPECTED - //CHANGE = CREATE, RETRIEVE, UPDATE, DELETE - Full rights - //EDITOWN = special subset of CHANGE: You can create and if it's one you created then you have rights to edit it or delete, but you can't edit ones others have created - //READ = You can read *all* the fields of the record, but can't modify it. Change is automatically checked for so only add different roles from change + //Change = CREATE, RETRIEVE, UPDATE, DELETE - Full rights + //EditOwn = special subset of CHANGE: You can create and if it's one you created then you have rights to edit it or delete, but you can't edit ones others have created + //ReadFullRecord = You can read *all* the fields of the record, but can't modify it. Change is automatically checked for so only add different roles from change //PICKLIST NOTE: this does not control getting a list of names for selection which is role independent because it's required for so much indirectly //DELETE = There is no specific delete right for now though it's checked for by routes in Authorized.cs in case we want to add it in future as a separate right from create.