Every persistent object has three implied properties: parent, permission, and fields. The parent property is necessary to determine if an object is a descendent of another object. If object A can be reached by tracing through iteratively through the parent property starting at object B then object B is a descendent of A. This property is used by inheritance as described above. It is also used when a copy of B is made of an object. When a copy of an object is made, descendents that referred to it are also copied, but not descendents that are referred are still references to the same objects in the copy. Finally, the parent property is used for security inheritance. The permissions of the nearest ancestor is used whenever an object does not have its own explicit permissions. The fields property of persistent object is used to define information about the possible properties of an object. The fields object can have a properties referring to field objects with field definitions corresponding to each property of the parent object. The field object has a name property which facilitating naming the field with an string (the underlying property/field name in the parent object must be a valid JavaScript symbol, that has no spaces or special characters, and it cannot be changed). The field object can define the ?advancedness? which defines what view in the property viewer the corresponding property will be displayed. The following table shows when a property will be displayed based on advancedness

 

 

View	Advancedness
Simple	<2
Normal	<3
Advanced	<4
Developer	any

 

The field object can have an options property that refers to a list that holds possible values for the field, thus limiting the selection to the given list. An optional property of the list is not limited, which if set to true, allows users to the value of the field/property to a value not included on the list.

A field object can also have a property required template that specifies only the field/property may be set to an object that is a version of (inherits from) the object specified by the required template.

Security for Authenteo is handled on the server. The permissions for an object can be defined by setting the permissions property for an object to a permissions object that is a list of role permission objects that define the role, which refer to a user or a group, and a permit level property that specifies the access level of that role. The permission level for an object is computed from the permissions of the object or the permissions for the nearest ancestor if the permission is not defined directly on the object. The permission level is based on the role permission for which the current user belongs to or is. If the user matches multiple roles than the highest permission level is used. If an object is an instance of another object (inherits from it) the permissions are not inherited.

Persistent objects in Authenteo are not all persisted to the server. Newly created persistent objects will only exist on the client/browser until a server persisted object is modified to refer to it, at which time it an all it properties are persisted to the server. A client persistent object and server persisted object can be treated the same (the same API applies).