Return-Path: X-Original-To: apmail-incubator-clerezza-dev-archive@minotaur.apache.org Delivered-To: apmail-incubator-clerezza-dev-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 1EB6090DA for ; Tue, 8 Nov 2011 14:24:40 +0000 (UTC) Received: (qmail 3511 invoked by uid 500); 8 Nov 2011 14:24:40 -0000 Delivered-To: apmail-incubator-clerezza-dev-archive@incubator.apache.org Received: (qmail 3473 invoked by uid 500); 8 Nov 2011 14:24:40 -0000 Mailing-List: contact clerezza-dev-help@incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: clerezza-dev@incubator.apache.org Delivered-To: mailing list clerezza-dev@incubator.apache.org Received: (qmail 3463 invoked by uid 99); 8 Nov 2011 14:24:40 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 08 Nov 2011 14:24:39 +0000 X-ASF-Spam-Status: No, hits=-2001.2 required=5.0 tests=ALL_TRUSTED,RP_MATCHES_RCVD X-Spam-Check-By: apache.org Received: from [140.211.11.116] (HELO hel.zones.apache.org) (140.211.11.116) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 08 Nov 2011 14:24:37 +0000 Received: from hel.zones.apache.org (hel.zones.apache.org [140.211.11.116]) by hel.zones.apache.org (Postfix) with ESMTP id 45AD73DD97 for ; Tue, 8 Nov 2011 14:23:55 +0000 (UTC) Date: Tue, 8 Nov 2011 14:23:55 +0000 (UTC) From: "Tommaso Teofili (Updated) (JIRA)" To: clerezza-dev@incubator.apache.org Message-ID: <1864859462.10872.1320762235286.JavaMail.tomcat@hel.zones.apache.org> In-Reply-To: <18857873.11911295260723499.JavaMail.jira@thor> Subject: [jira] [Updated] (CLEREZZA-397) Usermanager access permissions: define permissions to access the usermanager MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 X-Virus-Checked: Checked by ClamAV on apache.org [ https://issues.apache.org/jira/browse/CLEREZZA-397?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tommaso Teofili updated CLEREZZA-397: ------------------------------------- Fix Version/s: 0.2-incubating > Usermanager access permissions: define permissions to access the usermanager > ---------------------------------------------------------------------------- > > Key: CLEREZZA-397 > URL: https://issues.apache.org/jira/browse/CLEREZZA-397 > Project: Clerezza > Issue Type: Improvement > Reporter: Tsuyoshi Ito > Assignee: Tsuyoshi Ito > Fix For: 0.2-incubating > > > implemented 2 Permissions: > PermissionManagerAccessPermission > UserManagerAccessPermission > Furthermore the GUI and the webservices checks the permissions of the current user. if the latter has not assigned the permissions which he wants to add a response 403 is returned. These checks are ontop of java permission and should prevent endusers form misusage of the usermanager.webinterface. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira