[MAGNOLIA-272] Introduce extensible Grant mechanism Created: 31/Jan/05  Updated: 07/May/05  Resolved: 07/May/05

Status: Closed
Project: Magnolia
Component/s: admininterface, core
Affects Version/s: 2.01
Fix Version/s: 2.1 Final

Type: New Feature Priority: Major
Reporter: Boris Kraft Assignee: Boris Kraft
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Template:
Acceptance criteria:
Empty

 Description   

Currently, grants are more or less hard coded and implicit. We should abstract from what we have and introduce a new categroy called "Grant", where a Role is a collection of grants, just like a Group will be a collection of Users.

As grants we shall have what we have now but explicit instead of implicit. So we have

  • read /write/deny on repository;
  • admin users
  • admin roles
  • admin all

Plus things like

  • delete node
  • launch workflow
  • ...


 Comments   
Comment by Boris Kraft [ 07/May/05 ]

This has at least partially been solved now, as roles can be defined using r/w/deny on all repositories. This way, if for example you don't want someone to add users, deny the right to write to the users repository.

Generated at Mon Feb 12 03:15:47 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.