continuum-dev mailing list archives

From "Wendy Smoak" <wsm...@gmail.com>
Subject Who should be allowed to do what?
Date Thu, 04 Sep 2008 00:34:37 GMT

Some *'s on the new Roles page (thanks, Emmanuel!) made me suspicious,
and some brief clicking around turned up:

CONTINUUM-1867  Project group admin should not be able to grant
system-wide roles to himself
CONTINUUM-1866  Project group admin should not be able to see projects
from other groups in the queues
CONTINUUM-1865  Project group admin should not be able to see Local
Repo and Purge configuration

At this point I went looking for a design doc on the roles to see who
is intended to be able to perform what actions.  There's some really
old stuff [1] ("We'll use Acegi") on the wiki, but so far I'm not
finding what I'm looking for.

I know many users don't care about role-based access control, but for
those who do, it can be a *really* big deal.

Does anyone have time to sketch out how they think it's supposed to
work, so we can compare to what's actually happening and figure out if
there are any other holes?

[1] http://docs.codehaus.org/display/CONTINUUM/Security

Thanks,
-- 
Wendy
