[ https://issues.apache.org/jira/browse/SYNCOPE-1143?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16080616#comment-16080616 ]
ASF subversion and git services commented on SYNCOPE-1143: ---------------------------------------------------------- Commit 9779e13e0d55efa445c6b046c51781d55d91991d in syncope's branch refs/heads/master from [~ilgrosso] [ https://git-wip-us.apache.org/repos/asf?p=syncope.git;h=9779e13 ] [SYNCOPE-1143] Now connector instances require an admin realm, which is used to enforce access control on it for administrative purposes > Fine-grained administration rights for Connector and Resources > -------------------------------------------------------------- > > Key: SYNCOPE-1143 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1143 > Project: Syncope > Issue Type: Improvement > Components: common, console, core > Reporter: Francesco Chicchiriccò > Assignee: Francesco Chicchiriccò > Fix For: 2.0.5, 2.1.0 > > > The current delegated administration model defines coarse-grained > entitlements when it comes to Connectors and Resources: either an > administrator can manage all connectors and / or all resources, or cannot. > By associating Connectors (and Resources, by consequence) to Realms, it is > possible to grant entitlements (via Roles) to a given subset of all available > Connector and Resources, e.g. the ones associated to specific Realm(s). > Samples: > * if a Connector has the Realm {{/a/b/c}} assigned, then it would be > manageable by users owning the {{CONNECTOR_UPDATE}} on Realm {{/a/b/c}} (or > one of its parents) > * if a Resource is related to a Connector with the Realm {{/a/b/c}} > assigned, then it would be manageable by users owning the {{RESOURCE_UPDATE}} > on Realm {{/a/b/c}} (or one of its parents) -- This message was sent by Atlassian JIRA (v6.4.14#64029)