Major Description
Following the discussion we had on IRC with coheigea, it seems that a few Entitlements, not available since earlier versions, might be re-introduced, to properly control access to the related REST services:
- GROUP_LIST
- RESOURCE_LIST
- ANYTYPE_LIST
- ANYTYPECLASS_LIST
- SCHEMA_LIST
- SECURITY_QUESTION_LIST
- REALM_LIST
The rationale not to have such Entitlements in Syncope 1.x was that the related information had to be made available during self-registration.
Now that we have the Enduser UI, however, it seems that it is possible to
- introduce dedicated REST endpoint(s) to serve such content for self-registration, with minimal information (for example only group names, no need to provide extra information as attributes, type extensions, etc.)
- restore appropriate access control for the REST endpoints to be accessed for administrative purposes
Attachments
Issue Links
- links to
