This server class provides methods to operate the database records considering the ACL rules of the user. All of the SimpleRecordSecure methods are the same as SimpleRecord methods but they are applied according to the ACL rules.
If the user attempts to perform one of the operations Create, Write or Delete in the database to a record he has no access to, the method getErrors()called after the operation return the corresponding error.
If the user attempts to to perform an operation Read in the database to a record he has no access to, the method getErrors()called after the operation does not return any errors.
The system response to the actions prohibited by the ACL
Prohibited action
Prohibition for the record
Prohibition for the field
Create
If the user adds a record via a script and uses insert() method, the record is not created.
If the user fills in the field via a script and uses insert() method, the record is added with an empty field or default value for the field if there is any.
Write
If the user adds new value for the record fields via a script with the methodupdate(), the record is not updated. IfupdateMultiple() is called, the records prohibited for changes are ignored, the rest are updated.
If the user adds new value for the field via a script with the methodupdate() /updateMultiple(), the record is updated but the values of the fields prohibited for changes remain the same.
Delete
If the user deletes a record via a script with the method deleteRecord(), the record is not changed. If deleteMultiple() is called and the deletion of at least one of the records from the array is prohibited, none of the records are deleted.
-
Read
If the user requests a record via a script, the response does not include the hidden data. The entire response string is empty.
If the user requests a field data via a script, the response does not contain the hidden data. The column with prohibited field is empty.
