Affects Version/s: 3.0-M3
Fix Version/s: 3.0-RC2
In the current version of the cartridge it is not possible to use security and still allow for some use cases to be "unsecured" (meaning allowing an anonymous user to have acces to this use case).
On the mailinglist there was some discussion on how to deal with this and I agree defining a new stereotype lyke "Secured" and "Unsecured" is a good way to deal with this. For my understanding this would mean that:
- A use case that is typed "Unsecured" with no associations with any actors is accessible for anyone.
- A use case that is types "Unsecured" with several associations with actors is accessible for anyone.
- A use case that is typed "Secured" with no associations with any actors is NOT accessible by anyone.
- A user case that is typed "Secured" with several associations with actors is ONLY accessible for those actors/roles.