jboss-jira August 2013

jboss-jira@lists.jboss.org

1 participants
1794 discussions

[JBoss JIRA] (WFLY-1790) RBAC: HostScopedRole* operations are wrong (copy&paste from ServerGroupScopedRole*)

by Ladislav Thon (JIRA)

[ https://issues.jboss.org/browse/WFLY-1790?page=com.atlassian.jira.plugin.... ] Ladislav Thon closed WFLY-1790. ------------------------------- > RBAC: HostScopedRole* operations are wrong (copy&paste from ServerGroupScopedRole*) > ----------------------------------------------------------------------------------- > > Key: WFLY-1790 > URL: https://issues.jboss.org/browse/WFLY-1790 > Project: WildFly > Issue Type: Feature Request > Components: Domain Management > Reporter: Ladislav Thon > Assignee: Ladislav Thon > > This is the issue I was speaking about with Brian yesterday. > The {{HostScopedRole*}} operations are clearly a copy&paste from {{ServerGroupScopedRole*}} operations. Sadly, there are few artifacts of this: > - {{HostScopedRoleAdd.performRuntime}} refers to attribute definitions from {{ServerGroupScopedRoleResourceDefinition}}, while it should use the ones from {{HostScopedRolesResourceDefinition}} > - all the {{HostScopedRoleAdd}}, {{HostScopedRoleRemove}} and {{HostScopedRoleWriteAttributeHandler}} operations expect that the {{hosts}} attribute will always contain a valid list, while it can easily be undefined (see {{HostScopedRolesResourceDefinition.HOSTS}}) -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years, 4 months

1
0
0 / 0

[JBoss JIRA] (WFLY-1790) RBAC: HostScopedRole* operations are wrong (copy&paste from ServerGroupScopedRole*)

by Ladislav Thon (JIRA)

[ https://issues.jboss.org/browse/WFLY-1790?page=com.atlassian.jira.plugin.... ] Ladislav Thon resolved WFLY-1790. --------------------------------- Assignee: Ladislav Thon (was: Brian Stansberry) Resolution: Done I issued a pull request with my fix and Brian accepted that. So this is fixed. > RBAC: HostScopedRole* operations are wrong (copy&paste from ServerGroupScopedRole*) > ----------------------------------------------------------------------------------- > > Key: WFLY-1790 > URL: https://issues.jboss.org/browse/WFLY-1790 > Project: WildFly > Issue Type: Feature Request > Components: Domain Management > Reporter: Ladislav Thon > Assignee: Ladislav Thon > > This is the issue I was speaking about with Brian yesterday. > The {{HostScopedRole*}} operations are clearly a copy&paste from {{ServerGroupScopedRole*}} operations. Sadly, there are few artifacts of this: > - {{HostScopedRoleAdd.performRuntime}} refers to attribute definitions from {{ServerGroupScopedRoleResourceDefinition}}, while it should use the ones from {{HostScopedRolesResourceDefinition}} > - all the {{HostScopedRoleAdd}}, {{HostScopedRoleRemove}} and {{HostScopedRoleWriteAttributeHandler}} operations expect that the {{hosts}} attribute will always contain a valid list, while it can easily be undefined (see {{HostScopedRolesResourceDefinition.HOSTS}}) -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years, 4 months

1
0
0 / 0

[JBoss JIRA] (WFLY-490) Domain Management Role Based Access Control

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFLY-490?page=com.atlassian.jira.plugin.s... ] Brian Stansberry updated WFLY-490: ---------------------------------- Parent: (was: WFLY-448) Issue Type: Feature Request (was: Sub-task) > Domain Management Role Based Access Control > ------------------------------------------- > > Key: WFLY-490 > URL: https://issues.jboss.org/browse/WFLY-490 > Project: WildFly > Issue Type: Feature Request > Components: Domain Management, Security > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Priority: Blocker > Labels: Authorization > Fix For: 8.0.0.CR1 > > > Implement some coarse permissions for domain operations. Possibly allowing a break down for subsystem, profile, server, server-group - maybe read - write - execute. > Also consider confidentiality in exchange e.g. Can read metrics over http but must use https to add new server. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years, 4 months

1
0
0 / 0

[JBoss JIRA] (WFLY-1789) RBAC: OperationContextImpl.readResourceForUpdate is missing an authorize call

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFLY-1789?page=com.atlassian.jira.plugin.... ] Brian Stansberry commented on WFLY-1789: ---------------------------------------- Thanks. It was on my mental TODO list, but I trust JIRA more as a TODO list. :) > RBAC: OperationContextImpl.readResourceForUpdate is missing an authorize call > ----------------------------------------------------------------------------- > > Key: WFLY-1789 > URL: https://issues.jboss.org/browse/WFLY-1789 > Project: WildFly > Issue Type: Feature Request > Components: Domain Management > Reporter: Ladislav Thon > Assignee: Brian Stansberry > > [This issue was in fact found on 2013-07-09 and is being filled now only for tracking purposes.] > During code inspection, I found one method in the {{OperationContextImpl}} class that is IMHO missing an {{authorize}} call: {{readResourceForUpdate}}. Compare with {{readModelForUpdate}}. See TODO in the code. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years, 4 months

1
0
0 / 0

← Newer
1
...
177
178
179
180
Older →

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira August 2013