Major
Nice to have
Bugfix
Major
The executability of a command usually depends on its command group, the component's security object and the component's role profile. The executability based on these authorization rules is built in directly and does not need to be configured explicitly.
Enhancement
It may be useful to place a command (button) outside the permission layout to which its action refers. E.g. the opener of a dialog should refer to the permission setting of the dialog content, so that the dialog can only be opened if an action can be executed in the dialog at all. In many cases, this fits automatically because the dialog and the opening component are in the same permission layout. However, if the dialog content has its own permission layout, it may make sense to mark the dialog opener as a system command and give it an explicit security-related executability:
#!xml <button id="openMyDialog" class="com.top_logic.tool.boundsec.OpenModalDialogCommandHandler" clique="create" dialog-name="MyDialog" group="SYSTEM" > <executability> <security-check group="CREATE" security-component="MyDialogContent" /> </executability> </button>
Test
- Dialog opener for "create node" (+) in DemoTypes tree.