[
https://issues.apache.org/jira/browse/ISIS-2719?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Daniel Keir Haywood updated ISIS-2719:
--------------------------------------
Description:
Two separate (perhaps completely separate?) issues here:
* for shiro.ini, we don't support "impersonateWithRoles", so my guess is that
we keep the same roles as the original.
* for secman, we ignore the roles specified using "impersonateWithRoles",
because ApplicationUser#getPermissionSet joins across to the roles in the
database, rather than the set of roles that are in the UserMemento.
was:
Two separate (perhaps really separate) issues here:
* for shiro.ini, we don't support "impersonateWithRoles", so my guess is that
we keep the same roles as the original.
* for secman, we ignore the roles specified using "impersonateWithRoles",
because ApplicationUser#getPermissionSet joins across to the roles in the
database, rather than the set of roles that are in the UserMemento.
> Impersonation does not correctly figure out permissions of switched user
> ------------------------------------------------------------------------
>
> Key: ISIS-2719
> URL: https://issues.apache.org/jira/browse/ISIS-2719
> Project: Isis
> Issue Type: Improvement
> Reporter: Daniel Keir Haywood
> Assignee: Daniel Keir Haywood
> Priority: Minor
> Fix For: 2.0.0-M6
>
>
> Two separate (perhaps completely separate?) issues here:
> * for shiro.ini, we don't support "impersonateWithRoles", so my guess is
> that we keep the same roles as the original.
> * for secman, we ignore the roles specified using "impersonateWithRoles",
> because ApplicationUser#getPermissionSet joins across to the roles in the
> database, rather than the set of roles that are in the UserMemento.
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
