EDIT

# Cdm authorisation and access control

It is evident that the cdm library needs authorisation and access control. There are library methods which need to protected from unauthorised execution and there is also the data which is exposed by the library. Not all data should be visible to every user so a [[HibernateSpringAndRowlevelSecurity|row level access control]] is needed.

## Questions

1. Do we need a access control in the web service (cdmlib-remote) or is it sufficient to protect the service layer. As long web service controllers are not using DAO (cdmlib-persistence) methods directly it should not be necessary.

## Use cases

 A. a specific **classification sub tree** must not be **publicly visible** in the data portal and thus must be also hidden in the web service responses

 B. a specific **classification sub tree** is only visible for users which have a specific **role** but the user is not granted to **edit** anything in/below it

 C. A user is only granted to **edit descriptions** 

 D. A user is only granted to **edit structured descriptions** 

 E. Combinations of A, B and C, D must be possible

 F. Only users with the **roles** *Admin* or **Usermanager** or the user in question it self (if currently authenticated) are allowed to execute **change password** 

 G. Only users with the **roles** *Admin* or **Usermanager** are allowed to create or **edit** new users

 **Special cases:** 

* **@TaxonNames@** can potentially be shared between different taxa, thus a situation may occur where a user has grants to edit taxon A but not for taxon B, but both taxa are sharing the same name. How will we handle this situation, should the name be cloned when the user starts editing taxon A, so that taxon A has another name entity than taxon B after the user saved the latest changes?

* The same problem as described above for TaxonNames also accounts for *@References@*, but in this case the problem is more severe since references are very often part of multiple taxon names.