[SYNCOPE-1143] Fine-grained administration rights for Connector and Resources - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 2.0.5, 2.1.0
Component/s: common, console, core
Labels:
None

Description

The current delegated administration model defines coarse-grained entitlements when it comes to Connectors and Resources: either an administrator can manage all connectors and / or all resources, or cannot.

By associating Connectors (and Resources, by consequence) to Realms, it is possible to grant entitlements (via Roles) to a given subset of all available Connector and Resources, e.g. the ones associated to specific Realm(s).

Samples:

if a Connector has the Realm /a/b/c assigned, then it would be manageable by users owning the CONNECTOR_UPDATE on Realm /a/b/c (or one of its parents)
if a Resource is related to a Connector with the Realm /a/b/c assigned, then it would be manageable by users owning the RESOURCE_UPDATE on Realm /a/b/c (or one of its parents)

Attachments

Activity

People

Assignee:: Francesco Chicchiriccò

Reporter:: Francesco Chicchiriccò

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 04/Jul/17 11:01

Updated:: 07/May/18 13:57

Resolved:: 10/Jul/17 16:36