[jboss-jira] [JBoss JIRA] (WFLY-2318) Access control exceptions missing for scoped roles

Brian Stansberry (JIRA) jira-events at lists.jboss.org
Tue Nov 26 18:23:05 EST 2013


     [ https://issues.jboss.org/browse/WFLY-2318?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Brian Stansberry updated WFLY-2318:
-----------------------------------

    Comment: was deleted

(was: The 2 scoped roles aspect doesn't seem to matter; I get the same result with {roles=main-servers}.

Which I think is good news, actually. Less likely to be some weird corner case deal.)

    
> Access control exceptions missing for scoped roles
> --------------------------------------------------
>
>                 Key: WFLY-2318
>                 URL: https://issues.jboss.org/browse/WFLY-2318
>             Project: WildFly
>          Issue Type: Bug
>      Security Level: Public(Everyone can see) 
>          Components: Domain Management
>            Reporter: Heiko Braun
>            Assignee: Brian Stansberry
>
> The following setup: user with two scoped roles assigned. maintainer for "main-servers", monitor for "other-servers". Requesting the access control meta data for the server group wildcard ]does not include "exceptions". 
> Expected result: the access control meta data response contains an "exception" for each server group (main-server-group & other-server-group)
> {code}
> [domain at localhost:9999 /] ./server-group=*:read-resource-description(access-control=trim-descriptions, operations=true){roles=main-servers, other-servers}
> {
>     "outcome" => "success",
>     "result" => [{
>         "address" => [("server-group" => "*")],
>         "outcome" => "success",
>         "result" => {
>             "description" => undefined,
>             "attributes" => undefined,
>             "operations" => undefined,
>             "children" => {
>                 "deployment" => {"model-description" => undefined},
>                 "system-property" => {"model-description" => undefined},
>                 "jvm" => {"model-description" => undefined},
>                 "deployment-overlay" => {"model-description" => undefined}
>             },
>             "access-control" => {
>                 "default" => {
>                     "read" => true,
>                     "write" => true,
>                     "attributes" => {
>                         "socket-binding-port-offset" => {
>                             "read" => true,
>                             "write" => true
>                         },
>                         "management-subsystem-endpoint" => {
>                             "read" => true,
>                             "write" => false
>                         },
>                         "socket-binding-group" => {
>                             "read" => true,
>                             "write" => true
>                         },
>                         "profile" => {
>                             "read" => true,
>                             "write" => true
>                         }
>                     },
>                     "operations" => {
>                         "read-children-names" => {"execute" => true},
>                         "read-operation-description" => {"execute" => true},
>                         "remove" => {"execute" => true},
>                         "read-resource-description" => {"execute" => true},
>                         "stop-servers" => {"execute" => true},
>                         "read-resource" => {"execute" => true},
>                         "add" => {"execute" => true},
>                         "read-attribute" => {"execute" => true},
>                         "whoami" => {"execute" => true},
>                         "read-children-types" => {"execute" => true},
>                         "read-operation-names" => {"execute" => true},
>                         "undefine-attribute" => {"execute" => true},
>                         "start-servers" => {"execute" => true},
>                         "read-children-resources" => {"execute" => true},
>                         "restart-servers" => {"execute" => true},
>                         "replace-deployment" => {"execute" => true},
>                         "write-attribute" => {"execute" => true}
>                     }
>                 },
>                 "exceptions" => {}
>             }
>         }
>     }]
> }
> {code}

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira


More information about the jboss-jira mailing list