Hi,
As a secutiry increase to our applications it would be nice if we could assign roles (former permission areas) to screen actions and user actions.
This way users that didn't have permission to run them, would never be able to use firebug and other tools in order to activate buttons that trigger the action and we wouldn't need to always be "asking" in every action, if the user has permission to run it.
Another benefit would be, by unchecking the anonymous role, we could also automatically know if a session timed out, without having to "ask" that also in every action.
What do you guys think?
As a secutiry increase to our applications it would be nice if we could assign roles (former permission areas) to screen actions and user actions.
This way users that didn't have permission to run them, would never be able to use firebug and other tools in order to activate buttons that trigger the action and we wouldn't need to always be "asking" in every action, if the user has permission to run it.
Another benefit would be, by unchecking the anonymous role, we could also automatically know if a session timed out, without having to "ask" that also in every action.
What do you guys think?
