-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On 04/21/2015 02:27 PM, Heiko W.Rupp wrote:
I think users and organizations can both be tenants.
Either the org is the tenant, then the users "inherit" from the
org, i.e. can see all data from the org (*) or the users are the
tenants and then they only see their own stuff.
*) Additional access control may apply.
Exactly, that's how I tried to model it. The "additional access
control" part is also there, with the relationship between Resources,
Operations and Roles, similar to the PicketLink Permission API (ie:
persona with role "x" can perform the operation "y" on resource
"z").
- - Juca.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBCAAGBQJVNki9AAoJECKM1e+fkPrXeDIH/00wQCAPhBWVDljCZkS5qlX1
N1M7ULPaZJVzQK6WBLzFpETucUBTBcaXlVRhFk8iSYUiUdPTzXiwWjCyWZH5P2T/
M1Jum8xVgqSnRIE8V2Z17m7BR9LxS+We2gJXJq6jtN4/1c+wND55IbqLx1B1aE2e
iVnACXPy2hiUveNHFhF5q6i/srWCb1D/IhlSbHOy7/m/Nr72lMvLdIrXjUrMSFBh
QYR7CQJVuKlkhA75WLWIercFG6Pruq0yIXZ/Rah+sQ28Kz4JeTJymyLfHn3IcdXg
ZwQU3FpeLyfKcw2SMcDGP1GpVJ/WrkD9Y3Y5NqjhTruWapRISkaj40X4HzpN0zQ=
=HilD
-----END PGP SIGNATURE-----