You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@fineract.apache.org by "walter211 (JIRA)" <ji...@apache.org> on 2019/03/09 09:35:00 UTC
[jira] [Commented] (FINCN-28) Adjust Permittables to make
permission versioning possible
[ https://issues.apache.org/jira/browse/FINCN-28?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16788598#comment-16788598 ]
walter211 commented on FINCN-28:
--------------------------------
Hi, cause I didn't find issue page opened, have to comment for searching help. I am working on Fineract-CN for a blockchian project POC, met problems when I try to launch this project, any suggestion will be appreicated, thanks
> Adjust Permittables to make permission versioning possible
> ----------------------------------------------------------
>
> Key: FINCN-28
> URL: https://issues.apache.org/jira/browse/FINCN-28
> Project: Fineract Cloud Native
> Issue Type: Improvement
> Components: fineract-cn-anubis, fineract-cn-template
> Reporter: Myrle Krantz
> Assignee: Leopold Joy
> Priority: Major
>
> When a service is provisioned, the provisioner requests all of the permittable groups from the service and then saves them in identity. They are saved under the service name and the service version. Groups cannot be changed after they have been created because if they were, administrators might find that users have permissions they were never intended to have. New permittable groups can be added when new versions of a service are introduced.
> Currently the service name and the service version are derived from a yaml file. They could be changed via environment variables in the deployment of a service. This is inconsistent with their close linking to the service code and endpoints. If an administrator wished to change the service name they would have to migrate all of the permissions for all of the users.
> To rectify this situation, the service name and version should be made part of every Permittable annotation on every endpoint. This will also make it possible to version the permissions, and to place endpoints in multiple permittable groups with multipile versions.
> The new properties should be required. This means that all of the services will have to be adjusted. Start with anubis (where the Permittable annotation is defined), and then work on template to make sure the changes work for a simple service. After that, all of the services will need to be adjusted, and provisioning will need to be tested in the demo-server.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)