Details
-
Bug
-
Resolution: Unresolved
-
Minor
-
None
-
None
-
None
Description
It was intended that if you had READ you could see attestation. Maybe the names of who did it should be redacted if you don’t have ADMIN, or we should look at it more carefully? Can you please open a jira and we can fix it later?
Thanks
Chris
From: grouper-core-request@internet2.edu [grouper-core-request@internet2.edu] On Behalf Of Shilen Patel
Sent: Thursday, May 03, 2018 7:49 AM
To: grouper-core@internet2.edu
Subject: [grouper-core] attestation privileging
If you only have READ access to a group, is it expected that you should be able to see the attestation audit log? If you only have READ access, then you can’t see the privileges for the group. But if you can look at the attestation log, you can figure out at least some of the privileges. The same question applies to the user audit (GRP-1756). This is really a question – I don’t know if the current behavior is correct or not. Thoughts?
Thanks!
- Shilen