Uploaded image for project: 'FORTRESS'
  1. FORTRESS
  2. FC-144

Ability to assign groups to roles

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.0.1
    • Fix Version/s: 2.0.0-RC1
    • Labels:
      None

      Description

      We are currently working on performing an integration between Openstack Keystone and Fortress Core. We will use Fortress as the authorization backend for the rest of Openstack. We have managed to map most of the current functionality in Openstack within the Fortress schema except for the ability to assign roles to a group.

      I've spoken with Shawn McKinney, and he determined this improvement is a feasible addition to Fortress's feature set. After a number of back and forths, we have come up with the following requirements as API additions:

      • Session createSession (Group group, boolean isTrusted);
      • void assignGroup ( Group group, Role role );
      • List<Group> roleGroups ( Role role );
      • List<Role> groupRoles ( Group group );
      • the ability to use the above session with checkAccess(Session session, Permission perm)

      We also discussed temporal constrains for group to role assignment. Temporal constrains will not be utilized as this functionality has not been defined in Openstack.

        Attachments

          Issue Links

          There are no Sub-Tasks for this issue.

            Activity

              People

              • Assignee:
                vvakhlyuev Vyacheslav Vakhlyuev
                Reporter:
                fstingaciu@mirantis.com Florin Stingaciu
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: