You do not have permission to delete messages in this group
Copy link
Report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to openen...@googlegroups.com
Hi,
the current default (JPA-based) implementation of the UserDataManager is based on the model design, which defines the relation between User and PermisionSet as a One-To-One. This design can be seen in Figure 6.15 in [1]. Actually, the PermissionSet concept represents more or less a Role, right? Then I think, the relation should be rather Many-To-One. So it would make more sense to be able to assign a certain PermissionSet to multiple Users. What do you think? Otherwise what is the point of having such a (redundant) concept like PermissionSet?
You do not have permission to delete messages in this group
Copy link
Report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to openen...@googlegroups.com
Hi,
maybe the 1:1 relation is there to enforce a unique top level
PermissionSet for every User. This PermissionSet then contains the
actual Permissionsets.
If you look into the code at [1] the top level PermissionSet is
actually of type UserPermissionSetData which is a subclass of
PermissionSetData. (though it doesn't seem to provide any extra
functionality)
And you can assign any normal PermissionSet to multiple
UserPermissionSets. But I haven't read the thesis (and don't have the
time to read it atm). Isn't there an explaination why it is done like
this?
> --
> You received this message because you are subscribed to the Google Groups
> "OpenEngSB developer discussion" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to openengsb-de...@googlegroups.com.
> For more options, visit https://groups.google.com/groups/opt_out.
Iren Tuna
unread,
Feb 16, 2014, 1:02:54 PM2/16/14
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to openen...@googlegroups.com
Hi,
well, yes, "the enforcement of a unique top level PermissionSet for every User" sounds reasonable. Though, semantically the design might be clearer with an additional object like UserPermissionSet in between. Anyway, I could not see any other explanation yet.