Hello, we're thinking of redoing our access control system, with an RBAC approach implemented in a relational db.
I'm thinking how to best leverage it in SmartClient applications, so I'm looking for suggestions/opinions from those who have already tackled this issue, i.e. Isomorphic and the forum community.
Currently, we're using roles with the various *requires* attributes for dataSource/operationBinding/dataSourceField. To me, it seems that we may better leverage an RBAC system if we simply check the permissions in an override of IDACall.handleDSRequest. At that level we know the dataSource, operationType, operationBinding, and even a field-level control seems feasible.
What do you think?
Also, I'm wondering how to best leverage it client side, and here it seems that the best bet is using the new Authentication class. Does it make sense?
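Added example, not part of the original post and not SmartClient code: a sketch of the relational permission lookup that a central check such as the handleDSRequest override discussed above could call, keyed on dataSource, operationType, operationBinding id and field. The table names, column names, `'*'` wildcard convention and sample grants are assumptions constructed for illustration; SQLite stands in for the real database.

```python
import sqlite3

# Assumed schema: names are illustrative, not SmartClient's.
SCHEMA = """
CREATE TABLE user_role (user_id TEXT NOT NULL, role TEXT NOT NULL);
CREATE TABLE role_permission (
    role           TEXT NOT NULL,
    data_source    TEXT NOT NULL,
    operation_type TEXT NOT NULL,             -- fetch / add / update / remove
    operation_id   TEXT NOT NULL DEFAULT '*', -- operationBinding id, '*' = any
    field          TEXT NOT NULL DEFAULT '*'  -- '*' = every field
);
"""

def build_demo_db():
    """In-memory database with constructed sample grants."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    conn.executemany("INSERT INTO user_role VALUES (?, ?)",
                     [("alice", "clerk"), ("bob", "auditor")])
    conn.executemany("INSERT INTO role_permission VALUES (?, ?, ?, ?, ?)", [
        ("clerk", "order", "fetch", "*", "*"),
        ("clerk", "order", "update", "*", "status"),
        ("clerk", "order", "update", "*", "notes"),
        ("auditor", "order", "fetch", "exportAll", "*"),
    ])
    return conn

def granted_fields(conn, user_id, data_source, operation_type, operation_id):
    """Fields granted to the user's roles for this operation; empty set = no grant."""
    rows = conn.execute(
        """SELECT DISTINCT p.field
             FROM user_role u JOIN role_permission p ON p.role = u.role
            WHERE u.user_id = ? AND p.data_source = ? AND p.operation_type = ?
              AND p.operation_id IN (?, '*')""",
        (user_id, data_source, operation_type, operation_id or "*")).fetchall()
    return {row[0] for row in rows}

def authorize(conn, user_id, data_source, operation_type, operation_id, fields):
    """Default deny. Returns (allowed, rejected_fields)."""
    granted = granted_fields(conn, user_id, data_source, operation_type, operation_id)
    if not granted:
        return False, set(fields)
    if "*" in granted:
        return True, set()
    rejected = set(fields) - granted
    return not rejected, rejected
```

The user id passed in should come from the authenticated server-side session, never from the request payload, and a request with no matching grant row is refused rather than allowed.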