DYNAMIC PERMISSION ROLES FOR CLOUD BASED APPLICATIONS

摘要

During development of an application, an association between a view of the application and a data service, and rules applicable to the view, can be received. The rules can include an indication of a security role assigned to users who are allowed to access the view and an indication of whether the view is allowed to access the data service based on the security role assigned to the user. Based on the rules applicable to the view, permissions for accessing the data service by the view can be automatically extrapolated. Based on the permissions extrapolated for accessing the data service by the view, a binding credential, configured to be processed to determine whether the view of the application is granted access to data provided by the data service at runtime, can be automatically created. The at least one binding credential can be assigned to the view of the application.

主权项

1. A method comprising:
receiving, during development of an application, an association between at least one view of the application and at least one data service; receiving rules applicable to the at least one view of the application, the rules comprising:
an indication of a security role assigned to at least one user who is allowed to access the view of the application; andan indication of whether the view is allowed to access the data service based on the security role assigned to the at least one user; based on the rules applicable to the at least one view, automatically extrapolating permissions for accessing the data service by the at least one view; based on the permissions extrapolated for accessing the data service by the at least one view, automatically creating, using a processor, at least one binding credential configured to be processed to determine whether the view of the application is granted access to data provided by the data service at runtime; and assigning the at least one binding credential to the view of the application.