Uploaded image for project: 'Magnolia'
  1. Magnolia
  2. MAGNOLIA-8422

Implement security concept change

    XMLWordPrintable

Details

    • Story
    • Resolution: Duplicate
    • Neutral
    • None
    • None
    • None
    • None

    Description

      Each module will bring its own acl security template maybe based on some default one.
      Example:

      #Module ACL's setup example:
      apps:
        type: APP
        appList:
          - pages: #app name
              subapps:
                subapp1: #subapp name
                  actions:
                    - save
                    - edit
                    - rename
              subapp2:
                actions:
                  - rename
          - dam:
              subapps:
                subapp1:
                  actions:
                    - edit
                    - rename
              subapp2:
                actions:
                  - rename
      uri:
        type: URI
      content:
        type: CONTENT
        basePaths:
          - pages:
            basePath: "/pages"
          - assets:
            basePath: "/assets"
       
      #stored right list for role pages editor created from pages Module ACL's setup
      uri:
        - travel:
          path: "/travel"
          right: GET_AND_POST # from GET|GET_AND_POST|DENY allowed by URI definition
        - sportStation:
          path: "/sportStation"
          right: GET_AND_POST # from GET|GET_AND_POST|DENY allowed by URI definition
      content:
        - pages:
          path1:
            path: "/"
            environment: 0 #optional
            right: WRITE #from READ|WRITE|DENY allowed by CONTENT definition
            depth: INCLUDING_SUB-PATHS # from EXACT_PATH|SUB-PATHS_ONLY|INCLUDING_SUB-PATHS
        - assets:
          travel:
            path: "/travel"
            environment: 0 #optional
            right: READ #from READ|WRITE|DENY allowed by CONTENT definition
            depth: INCLUDING_SUB-PATHS # from EXACT_PATH|SUB-PATHS_ONLY|INCLUDING_SUB-PATHS
          sportStation:
            path: "/sportStation"
            environment: 0 #optional
            right: READ #from READ|WRITE|DENY allowed by CONTENT definition
            depth: INCLUDING_SUB-PATHS # from EXACT_PATH|SUB-PATHS_ONLY|INCLUDING_SUB-PATHS
      apps:
        - pages:
          right: ALLOW #from ALLOW|DENY
          browser:
            edit:
              right: ALLOW #from ALLOW|DENY
        - dam:
          right: ALLOW #from ALLOW|DENY
            browser:
              view:
                right: ALLOW #from ALLOW|DENY
      
      

      and we store for role values according to this template.

      We need to version it to check if there is need of administrator change after template change.

      We need to think about base path for module related content so content paths will be relative to this content. Is it needed/wanted?

      Checklists

        Acceptance criteria

        Attachments

          Issue Links

            Activity

              People

                Unassigned Unassigned
                efochr Evzen Fochr
                AdminX
                Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved:

                  Checklists

                    Task DoD