The default
MDEXSecurityManager implementation supports the
configuration of filters associated with Liferay roles that have been assigned
to a user's login.
The supported
filters are as follows:
securityEnabled:
enabling/disabling security filters on all queries issued to this data source.
securityFilters:
definition of all security filters to be used by this data source (any
extension of
QueryFilter).
Note: Record filters are the only supported type of
securityFilter.
rolePermissions: role
mappings to the security filters that have been defined for the data source.
inheritSecurity:
enabling/disabling of security filter inheritance, based on data source
relationships defined via the
parentDataSource property.
parentDataSource:
when
inheritSecurity is true, this property is used to
find all ancestors of each data source being secured. For each data source, the
list of security filters to be applied is a combination of all security filters
configured for every ancestor data source, plus any found with the data source
configuration itself.
Note: For more information on security, see the chapter "Security
extensions to the Discovery Framework" in the
Discovery Framework Extension Guide.