[keycloak-dev] modeling map role fine grain permissions

Pedro Igor Silva psilva at redhat.com
Tue Apr 4 11:41:48 EDT 2017


Didn't get the part below.

Also, I'm curious to check how are you enforcing these permissions. Could
you link the branch you have this implemented ?

On Mon, Apr 3, 2017 at 11:58 AM, Bill Burke <bburke at redhat.com> wrote:

>
> MORE FINE GRAIN PERMISSIONS
>
> We also want to solve the case of allowing an admin to be able to map
> specific roles for members of a specific group.  To do this we'll add
> another policy type called "Has Permission".  Here you'll be able to
> link a permission to a policy.  So, to solve the use case for specific
> roles for members of a specific group, we can edit the "map-role"
> permission for a specific role and add a "Has Permission" that links to
> the permission that the admin has "manage-users" scope for a specific
> group.  Hope I'm making sense on this one.
>
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>


More information about the keycloak-dev mailing list