User - PermissionSet relation
13 views
Skip to first unread message
Iren Tuna
Feb 16, 2014, 4:40:49 AM2/16/14
to openen...@googlegroups.com
Hi,
the current default (JPA-based) implementation of the UserDataManager is based on the model design, which defines the relation between User and PermisionSet as a One-To-One. This design can be seen in Figure 6.15 in [1]. Actually, the PermissionSet concept represents more or less a Role, right? Then I think, the relation should be rather Many-To-One. So it would make more sense to be able to assign a certain PermissionSet to multiple Users. What do you think? Otherwise what is the point of having such a (redundant) concept like PermissionSet?
Regards,
iren
Michael Petritsch
Feb 16, 2014, 6:44:50 AM2/16/14
to openen...@googlegroups.com
Hi,
maybe the 1:1 relation is there to enforce a unique top level
PermissionSet for every User. This PermissionSet then contains the
actual Permissionsets.
If you look into the code at [1] the top level PermissionSet is
actually of type UserPermissionSetData which is a subclass of
PermissionSetData. (though it doesn't seem to provide any extra
functionality)
And you can assign any normal PermissionSet to multiple
UserPermissionSets. But I haven't read the thesis (and don't have the
time to read it atm). Isn't there an explaination why it is done like
this?
br
[1] https://github.com/openengsb/openengsb/blob/040258dcc516c99672e95b7257066d9cc3cb24d4/components/services/src/main/java/org/openengsb/core/services/internal/security/model/UserData.java
> --
> You received this message because you are subscribed to the Google Groups
> "OpenEngSB developer discussion" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to openengsb-de...@googlegroups.com.
> For more options, visit https://groups.google.com/groups/opt_out.
maybe the 1:1 relation is there to enforce a unique top level
PermissionSet for every User. This PermissionSet then contains the
actual Permissionsets.
If you look into the code at [1] the top level PermissionSet is
actually of type UserPermissionSetData which is a subclass of
PermissionSetData. (though it doesn't seem to provide any extra
functionality)
And you can assign any normal PermissionSet to multiple
UserPermissionSets. But I haven't read the thesis (and don't have the
time to read it atm). Isn't there an explaination why it is done like
this?
br
[1] https://github.com/openengsb/openengsb/blob/040258dcc516c99672e95b7257066d9cc3cb24d4/components/services/src/main/java/org/openengsb/core/services/internal/security/model/UserData.java
> You received this message because you are subscribed to the Google Groups
> "OpenEngSB developer discussion" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to openengsb-de...@googlegroups.com.
> For more options, visit https://groups.google.com/groups/opt_out.
Iren Tuna
Feb 16, 2014, 1:02:54 PM2/16/14
to openen...@googlegroups.com
Hi,
well, yes, "the enforcement of a unique top level PermissionSet for every User" sounds reasonable. Though, semantically the design might be clearer with an additional object like UserPermissionSet in between. Anyway, I could not see any other explanation yet.
Regards,
iren
Reply all
Reply to author
Forward
0 new messages