Uploaded image for project: '[Read Only] - Hippo Repository'
  1. [Read Only] - Hippo Repository
  2. REPO-628

Add security service for managing security related objects

    XMLWordPrintable

Details

    • New Feature
    • Status: Closed
    • Normal
    • Resolution: Fixed
    • None
    • 2.26.00-alpha-1, 2.26.00
    • None

    Description

      There is a lot of code duplication in our code base for dealing with accessing security related information in the repository. For instance checking whether a user is a member of a group, checking whether the user is a system user or if the user has a certain role in a given domain, etcetera. We need a repository security service obtainable and scoped to a session that can be used to obtain such information. Note that because the service will be scoped to the session, access control is done on the operations exposed by the service: if the session is not granted jcr:read privileges on the user node it wants to access it will not be able to see the corresponding user, etc.

      The interface is expected to grow over time. We will start out with a few basic and simple operations that cover our immediate use cases: get a user by id, get a group by id, get a list of all users, get the group memberships of a user, etc. In the long run, we may progressively add functionality to the service to reduce our technical debt in this area.

      Attachments

        Activity

          People

            jsheriff Junaidh Kadhar Sheriff
            uhommes Unico Hommes (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: