...
- Component
- WebApp
- ControllerRequest
- ControllerRequestEvent
- Service
- Entity
- EntityField
- Entity
- Service
- ControllerRequestEvent
- ControllerView
- WidgetScreen
- Service
- Entity
- EntityField
- Entity
- FtlFile
- WidgetScreen
- WidgetForm
- WidgetFormField
- Service
- WidgetScreen
- ControllerRequest
- WebApp
Access Control Scenarios
1. User X can use Artifact Y for anything that artifacts supports and on any data (where "artifact" is a screen, web page, part of a screen or page, service, general logic, etc)
2. User X can use Artifact Y only for records determined by Constraint Z
3. User X can use any artifact for records determined by Constraint Z
4. Artifact Y can be used by any user for any purpose it supports
5. Artifact Y can be used by any user for only for records determined by Constraint Z
6. User X can use any artifact for any record (ie superuser)
NOTE DEJ 20090514: the Proposed Implementation Details above currently does not support #3, but supports all others pretty well.