[jboss-jira] [JBoss JIRA] (WFLY-4976) Access control exceptions missing for non-existent resources
Harald Pehl (JIRA)
issues at jboss.org
Tue Jul 21 10:21:08 EDT 2015
[ https://issues.jboss.org/browse/WFLY-4976?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Harald Pehl updated WFLY-4976:
------------------------------
Description:
When asking for the access control metadata using (r-r-d) on *existing* resources I get an exceptions block:
{code}
/server-group=*:read-resource-description(access-control=trim-descriptions,operations=true){roles=[main-maintainer,other-monitor]}
{code}
However when using the same operation on *non-existng* resources I don't see an exception block:
{code}
/server-group=*/deployment=*:read-resource-description(access-control=trim-descriptions,operations=true){roles=[main-maintainer,other-monitor]}
{code}
What we would need is a way to *always* get the exceptions no matter whether the resource exists. In the console we create a so-called security context which uses wildcard r-r-d operations like the ones above. This security context is used later on to show / hide UI controls.
was:
When asking for the access control metadata using (r-r-d) on *existing* resources I get an exceptions block:
{code}
/server-group=*:read-resource-description(access-control=trim-descriptions,operations=true){roles=[main-maintainer,other-monitor]}
{code}
However when using the same operation on *non-existent* resources I don't see an exception block:
{code}
/server-group=*/deployment=*:read-resource-description(access-control=trim-descriptions,operations=true){roles=[main-maintainer,other-monitor]}
{code}
What we would need is a way to *always* get the exceptions no matter whether the resource exists. In the console we create a so-called security context which uses wildcard r-r-d operations like the ones above. This security context is used later on to show / hide UI controls.
> Access control exceptions missing for non-existent resources
> ------------------------------------------------------------
>
> Key: WFLY-4976
> URL: https://issues.jboss.org/browse/WFLY-4976
> Project: WildFly
> Issue Type: Bug
> Components: Domain Management
> Reporter: Harald Pehl
> Assignee: Brian Stansberry
>
> When asking for the access control metadata using (r-r-d) on *existing* resources I get an exceptions block:
> {code}
> /server-group=*:read-resource-description(access-control=trim-descriptions,operations=true){roles=[main-maintainer,other-monitor]}
> {code}
> However when using the same operation on *non-existng* resources I don't see an exception block:
> {code}
> /server-group=*/deployment=*:read-resource-description(access-control=trim-descriptions,operations=true){roles=[main-maintainer,other-monitor]}
> {code}
> What we would need is a way to *always* get the exceptions no matter whether the resource exists. In the console we create a so-called security context which uses wildcard r-r-d operations like the ones above. This security context is used later on to show / hide UI controls.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
More information about the jboss-jira
mailing list