Uploaded image for project: 'Grouper'
  1. Grouper
  2. GRP-2551

Change log events for permission changes on subject

    XMLWordPrintable

Details

    • Improvement
    • Status: Resolved
    • Minor
    • Resolution: Unresolved
    • None
    • 2.4.0.patch
    • None
    • None

    Description

      When a change is made in Grouper, check if that change adds or deletes permissions. A permission here is considered a combination of role, resource (attribute def name), action, and subject. And add change log events for each subject/role combination. The change log doesn't include the action or resource. I think this implies that (1) if a user is given a new permission (subject/action/resource) in a single event and they actually get it via multiple roles (in that single event), then you'd have multiple change log events for the user (one for each role). And (2) if a user already has a permission (subject/action/resource) but they are now getting it via another role, there would also be a change log event.

      Attachments

        Activity

          People

            shilen.patel@at.internet2.edu Shilen Patel (duke.edu)
            shilen.patel@at.internet2.edu Shilen Patel (duke.edu)
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:

              Smart Checklist