Versions Compared

Old Version 34

changes.mady.by.user Unknown User (adrianc@hlmksw.com)

Saved on

compared with

New Version 35

changes.mady.by.user Unknown User (adrianc@hlmksw.com)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Note to David

...

Whenever an artifact is hit the authorization (access control) will be checked and the results of it will be kept in the artifactAccessStack. In order to support the inheritParentArtifactAuth field, as part of the ExecutionContext we will maintain a parentAuthorizationState variable that keeps track of the authTypeEnumId of the last artifact that had inheritParentArtifactAuth=Y. If an artifact called by the parent artifact passed but does not have inheritParentArtifactAuth=Y then the parentAuthorizationState variable will not be changed.

Note

David, I don't think the ExecutionContext object should be concerned with security or the permissions hierarchy - that is the Authorization Manager's responsibility. All the ExecutionContext needs to provide is an artifact ID that the artifact can pass on to the Authorization Manager. -Adrian

The reason for this is that depending on the parentAuthorizationState the permission still needs to be checked but the results are interpreted differently:

...