You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by "Shawn McKinney (JIRA)" <ji...@apache.org> on 2018/08/23 15:19:00 UTC
[jira] [Commented] (FC-239) Some additional methods to manage role
constraints.
[ https://issues.apache.org/jira/browse/FC-239?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16590371#comment-16590371 ]
Shawn McKinney commented on FC-239:
-----------------------------------
{color:#000000}Adding RoleConstraint type USER:{color}
{color:#000000} public enum RCType{color}
{color:#000000} {{color}
{color:#000000} FILTER,{color}
{color:#000000} USER, <— this is new{color}
{color:#000000} OTHER{color}
{color:#000000} }{color}
{color:#000000}Which will piggyback on the existing entity, repurposing some of its fields:{color}
{color:#000000}String id; <— not used, left blank{color}
{color:#000000}RCType type <- ‘USER'{color}
{color:#000000}String value <- contains the attribute’s value{color}
{color:#000000}String paSetName; <- contains the attribute’s (key) name{color}
{color:#000000}Here is sample of RAW data, as it will be stored in the ftRC LDAP attribute:{color}
{color:#000000}washers$type$USER$locale$north${color}
{color:#000000}washers$type$USER$locale$south${color}
{color:#000000}In this case, the user, has two roleconstraints placed on their role assignment to ‘washers’. As can be seen, it uses a delimiter for each attr. But nothing has changed to the overall format of the field. Only the semantics of what the fields are used for.{color}
> Some additional methods to manage role constraints.
> ---------------------------------------------------
>
> Key: FC-239
> URL: https://issues.apache.org/jira/browse/FC-239
> Project: FORTRESS
> Issue Type: Improvement
> Affects Versions: 2.0.1
> Reporter: Shawn McKinney
> Assignee: Shawn McKinney
> Priority: Major
> Fix For: 2.0.2
>
>
> Now that Fortress supports attributes within the activation phase, convenience methods are needed to reduce complexity managing the attributes.
>
> AdminMgr
> 1. assignUser ( User, Role , Constraint )
> 2. deassignUser ( User, Role, Constraint )
> ReviewMgr
> 3. List<UserRole> getRoleConstraints( User, Role, Constraint )
> AccessMgr
> 4. applyConstraint ( Session, Constraint )
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)