syncope-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF subversion and git services (JIRA)" <>
Subject [jira] [Commented] (SYNCOPE-1067) More flexible delegated administration model
Date Fri, 09 Jun 2017 17:44:18 GMT


ASF subversion and git services commented on SYNCOPE-1067:

Commit 23b1c9d76840fe0331edabbdcda239f477294181 in syncope's branch refs/heads/master from
[;h=23b1c9d ]

[SYNCOPE-1067] Fix build (2nd attempt)

> More flexible delegated administration model
> --------------------------------------------
>                 Key: SYNCOPE-1067
>                 URL:
>             Project: Syncope
>          Issue Type: Improvement
>          Components: console, core
>            Reporter: Francesco Chicchiriccò
>            Assignee: Francesco Chicchiriccò
>             Fix For: 2.0.4, 2.1.0
> The current implementation of [delegated administration|]
relies on Roles, where each Role associates a set of Entitlements (e.g. administrative actions)
to a set of Realms (e.g. containers for Users / Groups / Any Objects).
> This requires, however, that the set of Users / Groups / Any Objects to administer is
somehow statically defined by containment: "administrators with role R can manage users under
realms /a and /b" works as long as users to administer are fully contained by the Realms /a
and /b; but what if the set of Users that R can administer needs to be dynamically defined,
say by the value of a 'department' attribute?

This message was sent by Atlassian JIRA

View raw message