Model Access Review
(Created page with "When maintaining a large model, you will find that eventually you need to review what access groups there are in the model, but also how Actions and ViewModels are assigned to these groups. You need to answer questions like, "Does the access groups for actions match with the viewmodels they navigate to", or, "Do I have ViewModels that has no access group assigned, and therefore are open for access". Here are some OCL queries and EAL code that both finds potential probl...") |
No edit summary |
||
Line 1: | Line 1: | ||
=== Background === | |||
When maintaining a large model, you will find that eventually you need to review what access groups there are in the model, but also how Actions and ViewModels are assigned to these groups. | When maintaining a large model, you will find that eventually you need to review what access groups there are in the model, but also how Actions and ViewModels are assigned to these groups. | ||
Line 4: | Line 5: | ||
Here are some OCL queries and EAL code that both finds potential problems and corrects them if needed. Please adapt this code to your needs. | Here are some OCL queries and EAL code that both finds potential problems and corrects them if needed. Please adapt this code to your needs. | ||
=== Code === | |||
====== Find all ViewModels (called "Span" in the internal model) with no access group but has actions navigating to it that has access groups. ====== | |||
====== Probably these viewmodels needs securing. ====== | |||
Span.allInstances->select(s|s.AccessGroups->isEmpty and s.CriteriaForServerSideExecute->isEmpty and s.UsePlacingHints and s.ShowByActions->notEmpty)-> | |||
collect(s|s.Name, s.AccessGroups.Name->asCommaList, (s.ShowByActions->collect(a|a.Name + ' AG:' + a.AccessGroups.Name->asCommaList))->asCommaList) | |||
====== ViewModel that no actions navigate to ====== | |||
Somewhat odd ViewModels that seems to be used for UI, but there's no way to reach them with an action. | |||
Span.allinstances->select(s|s.ShowByActions->isEmpty and s.CriteriaForServerSideExecute->isEmpty and s.UsePlacingHints )->collect(span | span.Category.Name, span.Name, span.Class.Name, span.CodeComment)->orderBy(x|x.Name, x.Name1) |
Revision as of 13:36, 27 April 2024
Background
When maintaining a large model, you will find that eventually you need to review what access groups there are in the model, but also how Actions and ViewModels are assigned to these groups.
You need to answer questions like, "Does the access groups for actions match with the viewmodels they navigate to", or, "Do I have ViewModels that has no access group assigned, and therefore are open for access".
Here are some OCL queries and EAL code that both finds potential problems and corrects them if needed. Please adapt this code to your needs.
Code
Probably these viewmodels needs securing.
Span.allInstances->select(s|s.AccessGroups->isEmpty and s.CriteriaForServerSideExecute->isEmpty and s.UsePlacingHints and s.ShowByActions->notEmpty)-> collect(s|s.Name, s.AccessGroups.Name->asCommaList, (s.ShowByActions->collect(a|a.Name + ' AG:' + a.AccessGroups.Name->asCommaList))->asCommaList)
Somewhat odd ViewModels that seems to be used for UI, but there's no way to reach them with an action.
Span.allinstances->select(s|s.ShowByActions->isEmpty and s.CriteriaForServerSideExecute->isEmpty and s.UsePlacingHints )->collect(span | span.Category.Name, span.Name, span.Class.Name, span.CodeComment)->orderBy(x|x.Name, x.Name1)
This page was edited more than 8 months ago on 05/21/2024. What links here