Events Retrieval & Sundial's Security Model
The event retrieval interface of Sundial strictly observes Sundial's security model. Thus, the set of events returned in response to a request to the event retrieval interface will be filtered not only by criteria variables submitted, but also by Sundial's permissions system.
When reviewing what follows, it is important to remember that, by default, all users of Sundial belong to the special and internally defined local.Public/Everyone group.
Non-Authenticated Users
Users who are not authenticated to a Sundial interface via a registered authentication service, may view events that meet the following conditions:
- The event has been approved for publication to a population in which the group local.Public/Everyone is a member
- The group local.Public/Everyone has been granted the View Event permission within the Edit Event > Permissions area of the event editing interface of Sundial.
Example depicting the explicit granting of the View Event permission to Public/Everyone
Authenticated Users
Users who are authenticated to a Sundial interface via a registered authentication service, may view events under the following conditions:
-
If the user is a member of local.Administrators (i.e. the person is a Sundial administrator), they may view all events within Sundial regardless of specified population, publication status, or security groups with defined permissions on the event.
-
If the user is not a member of local.Administrators, they may view the following events:
- All events for which the user is a member of a population that the event has been published and approved for publication to.
- All events for which the user is a member of a security group that has been given explicit View permissions within the Edit Event > Permissions area of the event editing interface of Sundial.
- All events for which the user is the owner/author.