[MGNLGROOVY-17] Grant permissions to access groovy features to superuser and scripter roles only Created: 19/Feb/10  Updated: 25/Nov/13  Resolved: 11/Mar/10

Status: Closed
Project: Magnolia Groovy Module
Component/s: console, integration, tree/dialog
Affects Version/s: None
Fix Version/s: 1.0

Type: Task Priority: Major
Reporter: Federico Grilli Assignee: Federico Grilli
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Template:
Acceptance criteria:
Empty
Task DoR:
Empty
Date of First Response:

 Comments   
Comment by Philipp Bärfuss [ 08/Mar/10 ]

Reopening the issue to start a discussion.

In my opinion the shell should check for a certain role. Just protecting the url, as it is done now, has the following disadvantages:

  • each role needs the deny ACL which clutters all the existing roles (done by an update task)
  • once one greats a new roles/user group one might forget to add this special deny permission

Simple: better to grant access to few than to deny access explicitly to many

Generated at Mon Feb 12 05:54:45 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.