CRUD security not respecting Actor <--> <<Manageable>> associations

Description

Doesn't matter who is logged into the application when security is enabled. Anyone can create/delete <<Manageable>> entities. This is a show stopper for my application as I can't deploy it until it's fixed. We don't want regular users creating or deleting sensitive <<Entity>> instances.

Environment

Linux (Ubuntu) JDK 1.5/1.4 MagicDraw 9.5 sp1

Assignee

Former user

Reporter

Tim Dysinger

Labels

None

Components

Affects versions

Priority

Critical
Configure