Affects Version/s: 1.0.1
Fix Version/s: 2.0.0-RC1
We are currently working on performing an integration between Openstack Keystone and Fortress Core. We will use Fortress as the authorization backend for the rest of Openstack. We have managed to map most of the current functionality in Openstack within the Fortress schema except for the ability to assign roles to a group.
I've spoken with Shawn McKinney, and he determined this improvement is a feasible addition to Fortress's feature set. After a number of back and forths, we have come up with the following requirements as API additions:
- Session createSession (Group group, boolean isTrusted);
- void assignGroup ( Group group, Role role );
- List<Group> roleGroups ( Role role );
- List<Role> groupRoles ( Group group );
- the ability to use the above session with checkAccess(Session session, Permission perm)
We also discussed temporal constrains for group to role assignment. Temporal constrains will not be utilized as this functionality has not been defined in Openstack.