Mohit Kumar Sahu created USERGRID-306:
-----------------------------------------
Summary: Permissions not working
Key: USERGRID-306
URL: https://issues.apache.org/jira/browse/USERGRID-306
Project: Usergrid
Issue Type: Story
Components: Stack
Affects Versions: 1.0
Reporter: Mohit Kumar Sahu
I have two groups 'group-1' and 'group-2'.
'group-1' has one member 'user-1'
'group-2' has one member 'user-2'
My requirement:
'user-1': should be able to get 'and' post activities into 'group-1'
'user-2': should be able to 'only' get activities from 'group-1'. He should
'not' be allowed to post activities into 'group-1'.
What i tried:
Step 1: I removed all the permissions from default role.
Step 2: I added below permissions:
--> {"permission":"get,post,put,delete:/groups/group-1/*"} to 'user-1'
--> {"permission":"get,post,put,delete:/groups/group-1/**"} to 'user-1'
--> {"permission":"get:/groups/group-1/*"} to 'user-2'
--> {"permission":"get:/groups/group-1/**"} to 'user-2'
Testing GET calls via a REST HTTP client:
Test1: GET /myorg/myapp/groups/group-1/activities?access_token=<access token of
user-1> - gives error
Test2: GET /myorg/myapp/groups/group-1/activities?access_token=<access token of
user-2> - gives error
Both are failing. Please help.
Really appreciate your help.
Thanks,
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
