Details
-
Sub-task
-
Resolution: Done
-
Major
-
None
Description
When data sources are made application resources, deployer should be able to modify them. This doesn't work, as opposed to e.g. mail sessions. For example:
/core-service=management/access=authorization/constraint=application-classification/type=datasources/classification=data-source:write-attribute(name=configured-application, value=true) {"outcome" => "success"} [standalone@localhost:9990 /] /subsystem=datasources/data-source=ExampleDS:write-attribute(name=jndi-name, value="java:jboss/datasources/ExampleDS_XXX"){roles=deployer} { "outcome" => "failed", "failure-description" => "JBAS013456: Unauthorized to execute operation 'write-attribute' for resource '[ (\"subsystem\" => \"datasources\"), (\"data-source\" => \"ExampleDS\") ]' -- \"JBAS013475: Permission denied\"", "rolled-back" => true } [standalone@localhost:9990 /] /core-service=management/access=authorization/constraint=application-classification/type=mail/classification=mail-session:write-attribute(name=configured-application, value=true) {"outcome" => "success"} [standalone@localhost:9990 /] /subsystem=mail/mail-session=java\:jboss\/mail\/Default:write-attribute(name=jndi-name, value="java:jboss/mail/Default_XXX"){roles=deployer} { "outcome" => "success", "response-headers" => { "operation-requires-reload" => true, "process-state" => "reload-required" } }
I have a test case for this as a last commit in my branch https://github.com/Ladicek/wildfly/commits/rbac (that is the commit called RBAC test case for application types).
Brian, in case you are not the right assignee, please reassign.
Attachments
Issue Links
- relates to
-
HAL-273 Revisit deployer role on application resources
-
- Resolved
-
