From 72415ebeb27fddeab27c45388902923b7d46238d Mon Sep 17 00:00:00 2001 From: Juan Ferrer Toribio Date: Thu, 18 May 2017 17:54:23 +0200 Subject: [PATCH] ACLs --- services/client/common/models/Account.json | 8 +++++++- services/client/common/models/Address.json | 8 +++++++- services/client/common/models/Client.json | 2 +- services/client/common/models/ClientObservation.json | 8 +++++++- services/client/common/models/ContactChannel.json | 2 +- services/client/common/models/Employee.json | 8 +++++++- 6 files changed, 30 insertions(+), 6 deletions(-) diff --git a/services/client/common/models/Account.json b/services/client/common/models/Account.json index c439547274..f20699c3eb 100644 --- a/services/client/common/models/Account.json +++ b/services/client/common/models/Account.json @@ -19,8 +19,14 @@ { "accessType": "*", "principalType": "ROLE", - "principalId": "$everyone", + "principalId": "$authenticated", "permission": "ALLOW" + }, + { + "accessType": "*", + "principalType": "ROLE", + "principalId": "$everyone", + "permission": "DENY" } ] } diff --git a/services/client/common/models/Address.json b/services/client/common/models/Address.json index 73bf81c7a6..66ffed9de4 100644 --- a/services/client/common/models/Address.json +++ b/services/client/common/models/Address.json @@ -64,8 +64,14 @@ { "accessType": "*", "principalType": "ROLE", - "principalId": "$everyone", + "principalId": "$authenticated", "permission": "ALLOW" + }, + { + "accessType": "*", + "principalType": "ROLE", + "principalId": "$everyone", + "permission": "DENY" } ] } diff --git a/services/client/common/models/Client.json b/services/client/common/models/Client.json index 84763cee97..a2b6cbaedd 100644 --- a/services/client/common/models/Client.json +++ b/services/client/common/models/Client.json @@ -98,7 +98,6 @@ "type": "date" } }, - "validations": [], "relations": { "account": { "type": "belongsTo", @@ -155,5 +154,6 @@ "permission": "DENY" } ], + "validations": [], "methods": {} } \ No newline at end of file diff --git a/services/client/common/models/ClientObservation.json b/services/client/common/models/ClientObservation.json index ed4a46d8d0..1f648735f6 100644 --- a/services/client/common/models/ClientObservation.json +++ b/services/client/common/models/ClientObservation.json @@ -37,8 +37,14 @@ { "accessType": "*", "principalType": "ROLE", - "principalId": "$everyone", + "principalId": "$authenticated", "permission": "ALLOW" + }, + { + "accessType": "*", + "principalType": "ROLE", + "principalId": "$everyone", + "permission": "DENY" } ], "scope": { diff --git a/services/client/common/models/ContactChannel.json b/services/client/common/models/ContactChannel.json index 980de5cccc..b91d7ee021 100644 --- a/services/client/common/models/ContactChannel.json +++ b/services/client/common/models/ContactChannel.json @@ -18,7 +18,7 @@ "accessType": "*", "principalType": "ROLE", "principalId": "$everyone", - "permission": "ALLOW" + "permission": "DENY" } ] } \ No newline at end of file diff --git a/services/client/common/models/Employee.json b/services/client/common/models/Employee.json index 58ebf605af..b9dd42b69f 100644 --- a/services/client/common/models/Employee.json +++ b/services/client/common/models/Employee.json @@ -24,8 +24,14 @@ { "accessType": "*", "principalType": "ROLE", - "principalId": "$everyone", + "principalId": "$authenticated", "permission": "ALLOW" + }, + { + "accessType": "*", + "principalType": "ROLE", + "principalId": "$everyone", + "permission": "DENY" } ] }