syncope-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF subversion and git services (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (SYNCOPE-1143) Fine-grained administration rights for Connector and Resources
Date Mon, 07 May 2018 13:57:00 GMT

    [ https://issues.apache.org/jira/browse/SYNCOPE-1143?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16465935#comment-16465935
] 

ASF subversion and git services commented on SYNCOPE-1143:
----------------------------------------------------------

Commit 643edfcdeef8235be13cb3d0f34c435fe7239f59 in syncope's branch refs/heads/2_0_X from
[~ilgrosso]
[ https://git-wip-us.apache.org/repos/asf?p=syncope.git;h=643edfc ]

Forgot to add some docs about SYNCOPE-1143


> Fine-grained administration rights for Connector and Resources
> --------------------------------------------------------------
>
>                 Key: SYNCOPE-1143
>                 URL: https://issues.apache.org/jira/browse/SYNCOPE-1143
>             Project: Syncope
>          Issue Type: Improvement
>          Components: common, console, core
>            Reporter: Francesco Chicchiriccò
>            Assignee: Francesco Chicchiriccò
>            Priority: Major
>             Fix For: 2.0.5, 2.1.0
>
>
> The current delegated administration model defines coarse-grained entitlements when it
comes to Connectors and Resources: either an administrator can manage all connectors and /
or all resources, or cannot.
> By associating Connectors (and Resources, by consequence) to Realms, it is possible to
grant entitlements (via Roles) to a given subset of all available Connector and Resources,
e.g. the ones associated to specific Realm(s).
> Samples:
>  * if a Connector has the Realm {{/a/b/c}} assigned, then it would be manageable by users
owning the {{CONNECTOR_UPDATE}} on Realm {{/a/b/c}} (or one of its parents)
>  * if a Resource is related to a Connector with the Realm {{/a/b/c}} assigned, then it
would be manageable by users owning the {{RESOURCE_UPDATE}} on Realm {{/a/b/c}} (or one of
its parents)



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message