Uploaded image for project: 'Ignite'
  1. Ignite
  2. IGNITE-5077

Support service security permissions

    XMLWordPrintableJSON

Details

    • New Feature
    • Status: Resolved
    • Major
    • Resolution: Implemented
    • None
    • 2.1
    • managed services
    • None

    Description

      Need to add capability to specify permissions to allow/disallow executions of particular services (similar to compute tasks).

      The following permissions should be added to the SecurityPermission enum:

      SERVICE_DEPLOY - for IgniteServices.deployXXX methods.
      SERVICE_CANCEL - for IgniteServices.cancel and IgniteServices.cancelAll methods.
      SERVICE_INVOKE - for IgniteServices.service, IgniteServices.services and IgniteServices.serviceProxy methods.

      SERVICE_INVOKE should allow fine-grained authorization based on service name, similar to TASK_EXECUTE. E.g., a particular user should be able to execute service A, but not service B.

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. IGNITE-5259 Minor serialization fix

          • Major - Major loss of function.
          • Resolved
          links to

          Web Link GitHub Pull Request #1870

          Web Link GitHub Pull Request #1870

          Activity

            People

              dkarachentsev Dmitry Karachentsev
              dkarachentsev Dmitry Karachentsev
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 20m
                  20m