Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Corrected errors on the ACLS document 

Closes gh-12270
This commit is contained in:
Wilson-Emmanuel 2022-11-24 10:56:28 +09:00 committed by Steve Riesenberg
parent 582c9c6438
commit edd1915d1b
No known key found for this signature in database
GPG Key ID: 5F311AB48A55D521
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
docs/modules/ROOT/pages/servlet/authorization/acls.adoc
View File

@ -65,12 +65,12 @@ When used in the context of receiving a permission, an SID is generally called a
The only columns are the ID and the Java class name.
Thus, there is a single row for each unique Class for which we wish to store ACL permissions.
* Finally, `ACL_ENTRY` stores the individual permissions assigned to each recipient.
Columns include a foreign key to the ACL_OBJECT_IDENTITY, the recipient (which is a foreign key to ACL_SID), whether we audit or not, and the integer bit mask that represents the actual permission being granted or denied.
We have a single row for every domain object instance for which we store ACL permissions.
* `ACL_OBJECT_IDENTITY` stores information for each unique domain object instance in the system.
Columns include a primary key ID, a foreign key to the `ACL_CLASS` table, a unique identifier so we know which ACL_CLASS instance we're providing information for, the parent, a foreign key to the `ACL_SID` table to represent the owner of the domain object instance, and whether we allow ACL entries to inherit from any parent ACL.
We have a single row for every domain object instance we're storing ACL permissions for.
* Finally, ACL_ENTRY stores the individual permissions assigned to each recipient.
Columns include a foreign key to the ACL_OBJECT_IDENTITY, the recipient (i.e. a foreign key to ACL_SID), whether we'll be auditing or not, and the integer bit mask that represents the actual permission being granted or denied.
* Finally, `ACL_ENTRY` stores the individual permissions assigned to each recipient.
Columns include a foreign key to the `ACL_OBJECT_IDENTITY`, the recipient (i.e. a foreign key to ACL_SID), whether we'll be auditing or not, and the integer bit mask that represents the actual permission being granted or denied.
We have a single row for every recipient that receives a permission to work with a domain object.