[jboss-jira] [JBoss JIRA] Updated: (JBRULES-428) Access Control List - each node to be protected
Toni Rikkola (JIRA)
jira-events at lists.jboss.org
Tue Nov 2 03:52:02 EDT 2010
[ https://jira.jboss.org/browse/JBRULES-428?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Toni Rikkola updated JBRULES-428:
---------------------------------
Parent: (was: JBRULES-684)
Issue Type: Feature Request (was: Sub-task)
> Access Control List - each node to be protected
> ------------------------------------------------
>
> Key: JBRULES-428
> URL: https://jira.jboss.org/browse/JBRULES-428
> Project: Drools
> Issue Type: Feature Request
> Security Level: Public(Everyone can see)
> Components: drools
> Reporter: Michael Neale
> Assignee: Michael Neale
> Fix For: drools-5.0.0.M3
>
>
> Rule nodes (at least) need to have an ACL: what groups can access it in what capacity. First need to have a structure for ACLs to be stored.
> They should be tied to user groups/roles, not individual logins.
> JAAS should provide the user name and the users context (group membership) I believe.
> When there is an ACL, it must be checked to see if the user (via their group membership) can do one of the following:
> Edit, change status, view, delete.
> If they can't view, ideally it will not be shown in any "lists", but if that is not feasable, it would be acceptable to list it, but not show the contents.
> Will need to be able to set permission from within an admin facility of the application.
> see http://wiki.jboss.org/wiki/Wiki.jsp?page=RulesRepositoryRoleAuthorization for more details
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list