You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@continuum.apache.org by "Jeremy Ian Ong (JIRA)" <ji...@codehaus.org> on 2009/04/23 21:51:44 UTC

[jira] Created: (CONTINUUM-2201) Changing Developer Role's

Changing Developer Role's
-------------------------

                 Key: CONTINUUM-2201
                 URL: http://jira.codehaus.org/browse/CONTINUUM-2201
             Project: Continuum
          Issue Type: Improvement
          Components: Security
    Affects Versions: 1.3.1
         Environment: Windows XP, Mozilla Firefox
            Reporter: Jeremy Ian Ong
            Priority: Minor


I need to set rule's for the Project Developer Role.  Needed rule is for Project Developer's role,  is not able to delete Build Results.


-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] Issue Comment Edited: (CONTINUUM-2201) Changing Developer Role's

Posted by "Maria Catherine Tan (JIRA)" <ji...@codehaus.org>.

    [ http://jira.codehaus.org/browse/CONTINUUM-2201?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=176523#action_176523 ] 

Maria Catherine Tan edited comment on CONTINUUM-2201 at 5/15/09 2:17 AM:
-------------------------------------------------------------------------

We can't set the permission resource to "global" because any user with that permission can remove build result of other groups, which he doesn't have access to. 

A quick fix will be to create a template for it, which i'm not in favor of.

We need to fix this in redback. Maybe improve how redback handles role with permission's resource set to ${resource}. 

      was (Author: ctan):
    We can't set the permission resource to "global" because any user with that permission can remove build result of other groups, which he doesn't have access to. Setting it to a specific resource in redback.xml is not an option too. Should be configurable in 

A quick fix will be to create a template for it, which i'm not in favor of.

We need to fix this in redback. Maybe improve how redback handles role with permission's resource set to ${resource}. 
  
> Changing Developer Role's
> -------------------------
>
>                 Key: CONTINUUM-2201
>                 URL: http://jira.codehaus.org/browse/CONTINUUM-2201
>             Project: Continuum
>          Issue Type: Improvement
>          Components: Security
>    Affects Versions: 1.3.1
>         Environment: Windows XP, Mozilla Firefox
>            Reporter: Jeremy Ian Ong
>            Priority: Minor
>
> I need to set rule's for the Project Developer Role.  Needed rule is for Project Developer's role,  is not able to delete Build Results.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] Commented: (CONTINUUM-2201) Changing Developer Role's

Posted by "Wendy Smoak (JIRA)" <ji...@codehaus.org>.

    [ http://jira.codehaus.org/browse/CONTINUUM-2201?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=175012#action_175012 ] 

Wendy Smoak commented on CONTINUUM-2201:
----------------------------------------

I'm not in favor of this change -- I think a developer who can execute builds and create build results should also be able to delete them.

Ideally we will make this more easily configurable for admins who want stricter rules.

Marica, are you saying it's not configurable at all right now?  (You can't change an xml file somewhere... ?)

> Changing Developer Role's
> -------------------------
>
>                 Key: CONTINUUM-2201
>                 URL: http://jira.codehaus.org/browse/CONTINUUM-2201
>             Project: Continuum
>          Issue Type: Improvement
>          Components: Security
>    Affects Versions: 1.3.1
>         Environment: Windows XP, Mozilla Firefox
>            Reporter: Jeremy Ian Ong
>            Priority: Minor
>
> I need to set rule's for the Project Developer Role.  Needed rule is for Project Developer's role,  is not able to delete Build Results.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] Commented: (CONTINUUM-2201) Changing Developer Role's

Posted by "Maria Catherine Tan (JIRA)" <ji...@codehaus.org>.

    [ http://jira.codehaus.org/browse/CONTINUUM-2201?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=179733#action_179733 ] 

Maria Catherine Tan commented on CONTINUUM-2201:
------------------------------------------------

REDBACK-174 is for users to need not run sql scripts when there are changes in role permissions and there's already an existing db.

I created another redback issue for this REDBACK-226.

> Changing Developer Role's
> -------------------------
>
>                 Key: CONTINUUM-2201
>                 URL: http://jira.codehaus.org/browse/CONTINUUM-2201
>             Project: Continuum
>          Issue Type: Improvement
>          Components: Security
>    Affects Versions: 1.3.1
>         Environment: Windows XP, Mozilla Firefox
>            Reporter: Jeremy Ian Ong
>            Priority: Minor
>
> I need to set rule's for the Project Developer Role.  Needed rule is for Project Developer's role,  is not able to delete Build Results.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] Updated: (CONTINUUM-2201) Changing Developer Role's

Posted by "Wendy Smoak (JIRA)" <ji...@codehaus.org>.

     [ http://jira.codehaus.org/browse/CONTINUUM-2201?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Wendy Smoak updated CONTINUUM-2201:
-----------------------------------

    Fix Version/s: Reviewed

> Changing Developer Role's
> -------------------------
>
>                 Key: CONTINUUM-2201
>                 URL: http://jira.codehaus.org/browse/CONTINUUM-2201
>             Project: Continuum
>          Issue Type: Improvement
>          Components: Security
>    Affects Versions: 1.3.1
>         Environment: Windows XP, Mozilla Firefox
>            Reporter: Jeremy Ian Ong
>            Priority: Minor
>             Fix For: Reviewed
>
>
> I need to set rule's for the Project Developer Role.  Needed rule is for Project Developer's role,  is not able to delete Build Results.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] Commented: (CONTINUUM-2201) Changing Developer Role's

Posted by "Maria Catherine Tan (JIRA)" <ji...@codehaus.org>.

    [ http://jira.codehaus.org/browse/CONTINUUM-2201?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=176271#action_176271 ] 

Maria Catherine Tan commented on CONTINUUM-2201:
------------------------------------------------

in order to have a configurable permission to remove build result, i tried to add a new role in redback.xml

      <role>
          <id>continuum-manage-build-result</id>
          <name>continuum-manage-build-result</name>
          <assignable>true</assignable>
          <permanent>true</permanent>
          <permissions>
            <permission>
              <id>continuum-remove-build-result</id>
              <name>Continuum Remove Build Result</name>
              <operation>continuum-remove-build-result</operation>
              <resource>${resource}</resource>
            </permission>
          </permissions>
        </role>

However, setting the resource permission to ${resource} is not allowed. I'm getting a Role Model Validation Error. So it's either the resource is set to global or set to a specific resource but not ${resource}.



> Changing Developer Role's
> -------------------------
>
>                 Key: CONTINUUM-2201
>                 URL: http://jira.codehaus.org/browse/CONTINUUM-2201
>             Project: Continuum
>          Issue Type: Improvement
>          Components: Security
>    Affects Versions: 1.3.1
>         Environment: Windows XP, Mozilla Firefox
>            Reporter: Jeremy Ian Ong
>            Priority: Minor
>
> I need to set rule's for the Project Developer Role.  Needed rule is for Project Developer's role,  is not able to delete Build Results.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] Commented: (CONTINUUM-2201) Changing Developer Role's

Posted by "Maria Catherine Tan (JIRA)" <ji...@codehaus.org>.

    [ http://jira.codehaus.org/browse/CONTINUUM-2201?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=176523#action_176523 ] 

Maria Catherine Tan commented on CONTINUUM-2201:
------------------------------------------------

We can't set the permission resource to "global" because any user with that permission can remove build result of other groups, which he doesn't have access to. Setting it to a specific resource in redback.xml is not an option too. Should be configurable in 

A quick fix will be to create a template for it, which i'm not in favor of.

We need to fix this in redback. Maybe improve how redback handles role with permission's resource set to ${resource}. 

> Changing Developer Role's
> -------------------------
>
>                 Key: CONTINUUM-2201
>                 URL: http://jira.codehaus.org/browse/CONTINUUM-2201
>             Project: Continuum
>          Issue Type: Improvement
>          Components: Security
>    Affects Versions: 1.3.1
>         Environment: Windows XP, Mozilla Firefox
>            Reporter: Jeremy Ian Ong
>            Priority: Minor
>
> I need to set rule's for the Project Developer Role.  Needed rule is for Project Developer's role,  is not able to delete Build Results.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] Issue Comment Edited: (CONTINUUM-2201) Changing Developer Role's

Posted by "Maria Catherine Tan (JIRA)" <ji...@codehaus.org>.

    [ http://jira.codehaus.org/browse/CONTINUUM-2201?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=174075#action_174075 ] 

Maria Catherine Tan edited comment on CONTINUUM-2201 at 4/24/09 1:58 AM:
-------------------------------------------------------------------------

Removed previous comment.

As it happens, there is no redback permission for modifying a build result. It only checks if the user has a project modify group permission to be able to delete a build result.

      was (Author: ctan):
    Modifying the redback.xml will fix this but I think we need to have an edit role permissions page to make these kinds of changes without the need to modify redback.xml and users database every time.
  
> Changing Developer Role's
> -------------------------
>
>                 Key: CONTINUUM-2201
>                 URL: http://jira.codehaus.org/browse/CONTINUUM-2201
>             Project: Continuum
>          Issue Type: Improvement
>          Components: Security
>    Affects Versions: 1.3.1
>         Environment: Windows XP, Mozilla Firefox
>            Reporter: Jeremy Ian Ong
>            Priority: Minor
>
> I need to set rule's for the Project Developer Role.  Needed rule is for Project Developer's role,  is not able to delete Build Results.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] Commented: (CONTINUUM-2201) Changing Developer Role's

Posted by "Maria Catherine Tan (JIRA)" <ji...@codehaus.org>.

    [ http://jira.codehaus.org/browse/CONTINUUM-2201?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=175093#action_175093 ] 

Maria Catherine Tan commented on CONTINUUM-2201:
------------------------------------------------

Removing a build result is allowed if the user has a project modify group permission, which IMO is not right.

I think we need to add another permission e.g. "continuum-remove-build-result" which can be configurable.

> Changing Developer Role's
> -------------------------
>
>                 Key: CONTINUUM-2201
>                 URL: http://jira.codehaus.org/browse/CONTINUUM-2201
>             Project: Continuum
>          Issue Type: Improvement
>          Components: Security
>    Affects Versions: 1.3.1
>         Environment: Windows XP, Mozilla Firefox
>            Reporter: Jeremy Ian Ong
>            Priority: Minor
>
> I need to set rule's for the Project Developer Role.  Needed rule is for Project Developer's role,  is not able to delete Build Results.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira