Dynamic groups. Advances. Part II

Though dynamic group usecase described in documentation looks reasonable (but has some limitations), no one customer have asked me to implement such functionality. Another usecase of dynamic groups is privilege escalation, i.e. executing some docbase commands with higher privileges. It is obvious that in complex project it is not possible (or very hard) to implement good security model, moreover, no matter how much you do try to implement security model – any new customer’s requirements can bring all your efforts to naught 😦
Continue reading