> On Sep 14, 2016, at 12:59 PM, Vyacheslav Vakhlyuev <[email protected]> > wrote: > > I have few more questions. > 1. Should we enforce SSD and DSD constraints for groups?
Definitely. It appears that you have already done the necessary work for DSD (inside new createSession's calling out to validateConstraints) but we’ll need to add for SSD as well. This is another area I can help with as there will be impact to existing utils. Believe it to be minimal, i.e. adding an overloaded method or two as the underlying validation doesn’t change. > > On Sep 14, 2016, at 12:59 PM, Vyacheslav Vakhlyuev <[email protected]> > wrote: > > I have few more questions. > 2. Should we allow to createSession for groups with type=USER? No > > On Sep 14, 2016, at 12:59 PM, Vyacheslav Vakhlyuev <[email protected]> > wrote: > > 3. In core's AdminMgr "deleteRole" method doesn't perform any actions for > groups, i.e. remove role member from group when role is deleted. Is this > intended? No. I saw your TODO there. Agree that it’s necessary. Should be done before call to roleP.delete. Great questions btw. Demonstrates understanding of the impact of this new feature and how the code is supposed to work. Thanks, Shawn
