[MAGNOLIA-272] Introduce extensible Grant mechanism Created: 31/Jan/05 Updated: 07/May/05 Resolved: 07/May/05 |
|
| Status: | Closed |
| Project: | Magnolia |
| Component/s: | admininterface, core |
| Affects Version/s: | 2.01 |
| Fix Version/s: | 2.1 Final |
| Type: | New Feature | Priority: | Major |
| Reporter: | Boris Kraft | Assignee: | Boris Kraft |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Template: |
|
| Acceptance criteria: |
Empty
|
| Description |
|
Currently, grants are more or less hard coded and implicit. We should abstract from what we have and introduce a new categroy called "Grant", where a Role is a collection of grants, just like a Group will be a collection of Users. As grants we shall have what we have now but explicit instead of implicit. So we have
Plus things like
|
| Comments |
| Comment by Boris Kraft [ 07/May/05 ] |
|
This has at least partially been solved now, as roles can be defined using r/w/deny on all repositories. This way, if for example you don't want someone to add users, deny the right to write to the users repository. |