Use read only attributes in XPath constraints

Check ID

DOM_0002

Category

Security

Summary

XPath constraints are used in security access rules to limit the data that a user can view or manage. It is important however that a user does not have read/write access to any of the attributes or associations used in the XPath constraint because otherwise they can change these values and circumvent the XPath constraint.

Options

This check does not have any options.

Pass

User roles don't have read/write access to any attributes or associations used in XPath constraints for that role.

Fail

User roles have read/write access to an attribute or association used in one or more XPath constraints for that role.

PreviousDefault member access rights restricted NextAnonymous users can only change own data

Last updated 4 months ago