[MAGNOLIA-1594] Extend User API to allow fetching all roles and groups assigned to user via getRoles() and getGroups() methods Created: 13/Jun/07  Updated: 23/Jan/13  Resolved: 13/Nov/07

Status: Closed
Project: Magnolia
Component/s: security
Affects Version/s: 3.1 M3
Fix Version/s: 3.5 RC1

Type: Improvement Priority: Blocker
Reporter: zam6ak Assignee: Magnolia International
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
relation
is related to MAGNOLIA-1582 User groups and roles are not resolvi... Closed
is related to MAGNOLIA-1329 Expose getRoles in the Group interface Closed
is related to MAGNOLIA-1836 security: implement Group.getAllRoles() Closed
Template:
Acceptance criteria:
Empty
Task DoD:
[ ]* Doc/release notes changes? Comment present?
[ ]* Downstream builds green?
[ ]* Solution information and context easily available?
[ ]* Tests
[ ]* FixVersion filled and not yet released
[ ]  Architecture Decision Record (ADR)
Date of First Response:

 Description   

Currently User API getRoles() and getGroups() only returns roles and groups directly assigned to the user and not the ones user inherits via group membership..



 Comments   
Comment by Sameer Charles [ 13/Jun/07 ]

If we do this we have to take care of other methods as well, depends how urgent and important this is...

getRoles() - returning all roles, no matter how they are referenced to this object
getDirectRoles() - (naming?) - returning all roles directly assigned

hasRole() / hasDirectRole()

same for groups...

Comment by Magnolia International [ 13/Sep/07 ]

The methods currently exist and in use by JCRAuthenticationModule, but are not properly implemented, thus currently preventing groups-roles-acl to be properly resolved when a user logs in.

Comment by Magnolia International [ 14/Sep/07 ]

now we have :
User.getGroups()
User.getAllGroups()
User.getRoles()
User.getAllRoles()
Group.getGroups()
Group.getAllGroups()

tested and works.
We should do

  • more tests
  • more refactoring
    on the Mgnl* implementations (add/has/remove role/group methods)
Comment by Magnolia International [ 14/Sep/07 ]

As a side note, I'd be in favour of having all those methods return a Set (that's what they do any way, you don't want to return role X 12 times if it's inherited through 12 groups, for instance)

Comment by Magnolia International [ 14/Sep/07 ]

(using groups now reworks nicely, too)

Comment by Philipp Bracher [ 13/Nov/07 ]

mostly done except: MAGNOLIA-1836

Generated at Mon Feb 12 03:28:25 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.