Search results for "Not"

In the above example, the schema is configured in such a way that users with the maintains relationship to a ProductGroup will have access to any Product object in the group they maintain, but not to the subgroups of the given group.

Schema relationships that are configured to allow domain permission resolution are called active relationships. Active relationships are displayed in a different color than normal relationships in the schema editor.

When a non-admin user accesses a private object (e.g. a Product node from the above example schema), Structr tries to find a path which ADDs the requested right or KEEPs the requested right from a node the user has the specific right on.

In detail: We assume that a user who has a read permission grant to a ProductGroup tries to access a Product contained in that group (for which the user does not have direct rights).
Structr will then traverse the active relationship(s) until a path is found which ADDs or KEEPs the requested right.

Successful path evaluation:

• The (ProductGroup)-[:contains]->(Product) relationship is configured to keep read and write
• The effective permissions at the end of the evaluation process are read and write

Unsuccessful path evaluation:

• If a user who has a read permission grant to a product that is not contained in the product group he has access to, but in a subgroup of the given group, Structr will not be able to find a connected path of active relationships and will fail the permission resolution.
• The user does not have any permission grants set on any node or only visibility flags are set on the data nodes.

The Cascading Delete settings allow configuration of what happens when either end of the relationship is deleted. The possible values are explained in-depth in the help popup in the dialog.
Automatic Creation of Related Nodes configures if it is allowed to include nested nodes in a REST POST request for this relationship. A node with the given property set is automatically created and linked to the node. If the nested node contains an id attribute (or another property marked as unique) a node is searched for that property and linked if found.

Permission Resolution allows configuration of rights propagation in the graph. If NONE is selected, no rights propagation is applied for this relationship. If SOURCE_TO_TARGET is selected the rights are propagated along the relationship direction to the next node. For TARGET_TO_SOURCE the rights propagation is works against the relationship direction. For ALWAYS the direction of the relationship does not matter and rights propagation is always applied.
Specific rights (Read, Write, Delete, AccessControl) can be added, kept or removed according to the propagation configuration. If a user has read rights to the previous node and Read is configured to Keep, the user also has read rights for the next node. (Specific User/Group rights are applied before using permission propagation - i.e. if a user has specific rights configured for a node, permission resolution is not evaluated as user rights are more specific).
Along the way of permission propagation, properties can be hidden in order to hide sensitive information from users who get rights from permission propagation. The property names can be separated by comma , or space character.

There are 3 tabs where the functionality of the type can be configured:

• Local Attributes
  A Custom Type can be extended with dynamic properties to provide the data model for the intended use-case. This list contains all local properties (meaning they are defined on this type directly).
• Views
  The properties of a type can be combined into named Views, which are accessible under an individual REST URL. Access to these URLs can be configured independently for each HTTP method using Resource Access Grants, which makes them an ideal tool to create specialised endpoints for different client applications (e.g. mobile clients etc.).
• Methods
  There are different kinds of methods - callback methods and entity methods. Callback methods are automatically executed by the framework upon certain lifecycle events and have a strict naming convention. Entity methods are called by the user/programmer.
  Entity methods are not automatically run by the framework and must be called manually. This either means making a POST request to /structr/rest/(Type)/(<a data-id="7c9c8218bced42bab66868373e64d885" class="mention">UUID</a>)/(methodName) or in serverside JavaScript as node.methodName();

To filter the result based on a range of property values, you can use the following syntax: [<start> TO <end>]. Please note that you need to do URL encoding for the spaces in the range expression if you construct the URL string manually.

Omitting results in a “lower than equal” search, omitting results in a “greater than equal” search. Omitting both does not raise an error, but does nothing.

Notice that the space character is still required!

The FtpService allows users to connect to the structr instance via the FTP protocol. The FTP port can be configured via the application.ftp.port key in structr.conf.

Authentication is only possible via password. After successful authentication the FTP connection lists all the files a user has read rights to starting from the root directory.
Files which the user is allowed to read, but which reside in a directory which the user is not allowed to “see”, the file will not show up in the FTP listing.

Regular users will also not be able to see file owner if they do not have read rights on those nodes.

There are several supported notations for the fields:

Note that in this case, the content is not enclosed in the curly braces ${ and } so the text string is rendered into the page unmodified because it’s not interpreted as a scripting expression.

The possible values of an Enum Property are defined in the schema/code area in the Format/Code field of the property. The values have to be provided as a comma-separated list.

Because Structr dynamically creates Java code from the format definition, the following limitations apply:

• Enum-values must be simple alpha-numeric strings (i.e. no special characters, no spaces, etc)
• Reserved words (like “boolean”, “final”, etc) are not allowed

This is not enforced by Structr but by Java itself as curating a comprehensive blacklist would not be feasible.

• Is called when an object is modified. (Either modification of local attributes of relationships. When a relationship is created, the onSave is triggered for both nodes)
• creation of an object is not a modification, thus the onSave is not run when an object is created (even if the object is ‘modified’ in onCreate)
• Multiple onSave methods can exist per type - every method prefixed with onSave is called when an object is created (e.g. onSave01, onSave02)
• Schema constraint checks (uniqueness constraint, notNull constraint) are performed after onSave has run
• can be rolled back
  • if an error occurs
  • if an error is raised via error() function
  • if a constraint is violated
• All regular keywords can be used - one special keyword is introduced for this method

The state of the object in the scripting environment represents the state of the object after the modification. To get information about the previous state the keyword modifications can be used.

Example: