[FLOW3-general] limit access on entitities
Christian Müller
christian.mueller at typo3.org
Thu Feb 7 08:51:43 CET 2013
Hi Falk,
On 06.02.13 17:58, Falk wrote:
> Hi everyone,
>
> I'm presently dealing with the security basics. What is the best
> proceeding to limit the access on defined entities (e.g. user has only
> access to defined customers)? Is this complete solvable via AOP? How
> should such an aspect looks like and which steps are necessary (e.g.
> constraints between user and customer model)?
You might want to have a look at docs about content security [1] it
should exactly do what you want. Question is if you can find a limiting
factor that you can express in such a logical expression or if the
customer<>user relation is based on some "hand selected" information.
Cheers,
Christian
[1]
http://docs.typo3.org/flow/TYPO3FlowDocumentation/TheDefinitiveGuide/PartIII/Security.html#content-security
More information about the FLOW3-general
mailing list