[
http://jira.amdatu.org/jira/browse/AMDATU-125?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ivo Ladage - van Doorn updated AMDATU-125:
------------------------------------------
Component/s: Amdatu OpenSocial
(was: Application - Dashboard)
> Let gadgetmanager be authorization-aware
> ----------------------------------------
>
> Key: AMDATU-125
> URL: http://jira.amdatu.org/jira/browse/AMDATU-125
> Project: Amdatu
> Issue Type: Improvement
> Components: Amdatu OpenSocial
> Reporter: Koos Gadellaa
> Assignee: Ivo Ladage - van Doorn
>
> The following scenario is'nt possible:
> {panel}
> Authorization - The administrator of a particular tenant might want to define
> authorization on adding gadgets to the dashboard. For example teachers may
> add the 'Display student results' gadget to their dashboard, but this gadget
> should not be available to students .
> {panel}
> However, such a feature would make a nice addition to the gadgetmanager.
> In essence, it means displaying gadgets to specific users only if they are
> authorized to see them.
> Actually adding these gadgets to a dashboard, and subsequently viewing them
> has other authorization issues (gadgets should disallow unauthorized people
> to see it's content, for example. but that is up to the gadget. Adding to a
> dashboard might need a similar check. And what happens when gadgets are
> already on the dashboard but no longer authorized?).
> Hence, one step would be to ensure that the gadgetmanager simply doesn't show
> them. Any other authorization support can be integrated later and should not
> be seen as part of this feature.
--
This message is automatically generated by JIRA.
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
