You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@continuum.apache.org by "Philippe Busque (JIRA)" <ji...@codehaus.org> on 2010/04/30 22:50:12 UTC
[jira] Created: (CONTINUUM-2515) Permission leak when deleting
group
Permission leak when deleting group
-----------------------------------
Key: CONTINUUM-2515
URL: http://jira.codehaus.org/browse/CONTINUUM-2515
Project: Continuum
Issue Type: Bug
Components: Security
Affects Versions: 1.3.6
Reporter: Philippe Busque
Create a Project group.
Add projects to it.
Delete the group.
All the roles and permissions created for the projects and groups remain in the Database and interface, with no way to delete them.
Over time, when many groups are created and deleted for versioning, this create a lot of orphans permissions and roles that slows down access.
The only way to purge those orphan roles are to delete them directly in the database, a task that is complicated by the various table relations.
When deleting a group, the associated permissions and role should be automatically deleted or at the very least, prompted for deletion.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Closed: (CONTINUUM-2515) Permission leak when deleting group
Posted by "Brett Porter (JIRA)" <ji...@codehaus.org>.
[ http://jira.codehaus.org/browse/CONTINUUM-2515?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Brett Porter closed CONTINUUM-2515.
-----------------------------------
Resolution: Duplicate
Assignee: Brett Porter
closing as a duplicate of the related issues - we do intend to provide a way to clean them up in future, but for now this is by design.
> Permission leak when deleting group
> -----------------------------------
>
> Key: CONTINUUM-2515
> URL: http://jira.codehaus.org/browse/CONTINUUM-2515
> Project: Continuum
> Issue Type: Bug
> Components: Security
> Affects Versions: 1.3.6
> Reporter: Philippe Busque
> Assignee: Brett Porter
>
> Create a Project group.
> Add projects to it.
> Delete the group.
> All the roles and permissions created for the projects and groups remain in the Database and interface, with no way to delete them.
> Over time, when many groups are created and deleted for versioning, this create a lot of orphans permissions and roles that slows down access.
> The only way to purge those orphan roles are to delete them directly in the database, a task that is complicated by the various table relations.
> When deleting a group, the associated permissions and role should be automatically deleted or at the very least, prompted for deletion.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira