[jira] [Commented] (FC-144) Ability to assign groups to roles

["Kseniya Tychkova (JIRA)" <ji...@apache.org>]

    [ https://issues.apache.org/jira/browse/FC-144?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15392216#comment-15392216 ] 

Kseniya Tychkova commented on FC-144:
-------------------------------------

We have time and desire to implement this feature :)
Shawn, could you please confirm that described steps are still valid?
Apache Fortress has an "OrganizationalUnit" entity now. Maybe it makes more sense to extend OrganizationalUnit class?

> Ability to assign groups to roles
> ---------------------------------
>
>                 Key: FC-144
>                 URL: https://issues.apache.org/jira/browse/FC-144
>             Project: FORTRESS
>          Issue Type: Improvement
>    Affects Versions: 1.0.0-RC40
>            Reporter: Florin Stingaciu
>
> We are currently working on performing an integration between Openstack Keystone and Fortress Core. We will use Fortress as the authorization backend for the rest of Openstack. We have managed to map most of the current functionality in Openstack within the Fortress schema except for the ability to assign roles to a group. 
> I've spoken with [~smckinney], and he determined this improvement is a feasible addition to Fortress's feature set. After a number of back and forths, we have come up with the following requirements as API additions:
> * Session createSession (Group group, boolean isTrusted);
> * void assignGroup ( Group group, Role role );
> * List<Group> roleGroups ( Role role );
> * List<Role> groupRoles ( Group group );
> * the ability to use the above session with checkAccess(Session session, Permission perm)
> We also discussed temporal constrains for group to role assignment. Temporal constrains will not be utilized as this functionality has not been defined in Openstack.  



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)