[jira] [Created] (USERGRID-307) Permissions not working

Mohit Kumar Sahu (JIRA) Thu, 01 Jan 2015 22:29:54 -0800

Mohit Kumar Sahu created USERGRID-307:
-----------------------------------------


             Summary: Permissions not working
                 Key: USERGRID-307
                 URL: https://issues.apache.org/jira/browse/USERGRID-307
             Project: Usergrid
          Issue Type: Story
          Components: Stack
    Affects Versions: 1.0
            Reporter: Mohit Kumar Sahu


I have two groups 'group-1' and 'group-2'.
'group-1' has one member 'user-1'
'group-2' has one member 'user-2'

Expected behaviour:
'user-1': should be able to get 'and' post activities into 'group-1'
'user-2': should be able to 'only' get activities from 'group-1'. He should 
'not' be allowed to post activities into 'group-1'.

What i tried:
Step 1: I removed all the permissions from default role.
Step 2: I added below permissions:
--> {"permission":"get,post,put,delete:/groups/group-1/*"} to 'user-1'
--> {"permission":"get,post,put,delete:/groups/group-1/**"} to 'user-1'
--> {"permission":"get:/groups/group-1/*"} to 'user-2'
--> {"permission":"get:/groups/group-1/**"} to 'user-2'

Testing GET calls via a REST HTTP client:
Test1: GET /myorg/myapp/groups/group-1/activities?access_token=<access token of 
user-1> - gives error
Test2: GET /myorg/myapp/groups/group-1/activities?access_token=<access token of 
user-2> - gives error

Both are failing. Please help.
Really appreciate your help.

Thanks,



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Created] (USERGRID-307) Permissions not working

Reply via email to