Loading...

XML

Word

Printable

Details

Type: Sub-task
Resolution: Done
Priority: Major
Fix Version/s: 2.2.0
Affects Version/s: None
Component/s: Access Control
Labels:
None

Description

Currently the topoogy presenter is using the following @AccessControl annotation:

@AccessControl(resources = {
    "/server-group={addressable.group}",
    "/{selected.host}/server-config=*"
    }, recursive = false)

This has a number of drawbacks:

When the user is assigned to several server-group scoped roles (all of them addressable), only the first addressable group is taken into account when the security context is created.
The wildcard for server-config does not result in exact operation permissions for the distinct servers.

To address these issues, the topology presenter should create a security context using the resources from the current topology. Thus the presenter would first read the topology and then use this information to create a security context with addresses for the server-groups, hosts and servers.

Attachments

Issue Links

is related to

HAL-238 Control element visibility for users with multiple scoped roles

Resolved

relates to

HAL-221 Missing server controls in topology view for Server scoped roles

Resolved

Activity

People

Assignee:: Harald Pehl

Reporter:: Harald Pehl

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2013/10/29 7:51 PM

Updated:: 2013/12/09 6:58 PM

Resolved:: 2013/12/09 6:58 PM