GGCE-SEC: Link between entities and SecurityActions
While we support the SOAP interface, we should include GGCE security checks on direct interactions with tables in
deleteEntity(). Or alternatively, we check permissions in an aspect?
- If the record
persistEntity(), the CREATE permission needs to be checked, otherwise WRITE.
deleteEntity()we check for DELETE permission.
For this to work, we need to link entity classes to
Since permissions are site-based, we somehow need to extract
site.id before permission checks. This could be done with an interface.
If we use an interface, then we can add both:
Site getSite() (or
Site aclSite()) and