[
https://issues.apache.org/jira/browse/SYNCOPE-1143?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Francesco Chicchiriccò updated SYNCOPE-1143:
--------------------------------------------
Description:
The current delegated administration model defines coarse-grained entitlements
when it comes to Connectors and Resources: either an administrator can manage
all connectors and / or all resources, or cannot.
By associating Connectors (and Resources, by consequence) to Realms, it is
possible to grant entitlements (via Roles) to a given subset of all available
Connector and Resources, e.g. the ones associated to specific Realm(s).
Samples:
* if a Connector has the Realm {{/a/b/c}} assigned, then it would be
manageable by users owning the {{CONNECTOR_UPDATE}} on Realm {{/a/b/c}} (or one
of its parents)
* if a Resource is related to a Connector with the Realm {{/a/b/c}} assigned,
then it would be manageable by users owning the {{RESOURCE_UPDATE}} on Realm
{{/a/b/c}} (or one of its parents)
was:
The current delegated administration model defines coarse-grained entitlements
when it comes to Connectors and Resources: either an administrator can manage
all connectors and / or all resources, or cannot.
By associating Connectors (and Resources, by consequence) to Realms, it is
possible to grant entitlements (via Roles) to a given subset of all available
Connector and Resources, e.g. the ones associated to specific Realm(s).
> Fine-grained administration rights for Connector and Resources
> --------------------------------------------------------------
>
> Key: SYNCOPE-1143
> URL: https://issues.apache.org/jira/browse/SYNCOPE-1143
> Project: Syncope
> Issue Type: Improvement
> Components: common, console, core
> Reporter: Francesco Chicchiriccò
> Fix For: 2.0.5, 2.1.0
>
>
> The current delegated administration model defines coarse-grained
> entitlements when it comes to Connectors and Resources: either an
> administrator can manage all connectors and / or all resources, or cannot.
> By associating Connectors (and Resources, by consequence) to Realms, it is
> possible to grant entitlements (via Roles) to a given subset of all available
> Connector and Resources, e.g. the ones associated to specific Realm(s).
> Samples:
> * if a Connector has the Realm {{/a/b/c}} assigned, then it would be
> manageable by users owning the {{CONNECTOR_UPDATE}} on Realm {{/a/b/c}} (or
> one of its parents)
> * if a Resource is related to a Connector with the Realm {{/a/b/c}}
> assigned, then it would be manageable by users owning the {{RESOURCE_UPDATE}}
> on Realm {{/a/b/c}} (or one of its parents)
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
