[
https://issues.apache.org/jira/browse/SYNCOPE-55?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Bob Lannoy updated SYNCOPE-55:
------------------------------
Attachment: RoleController.java.patch
> Allow users to read roles assigned to them by membership
> --------------------------------------------------------
>
> Key: SYNCOPE-55
> URL: https://issues.apache.org/jira/browse/SYNCOPE-55
> Project: Syncope
> Issue Type: Improvement
> Components: core
> Affects Versions: 1.0.0-incubating
> Reporter: Bob Lannoy
> Labels: patch, role, self
> Fix For: 1.0.0-incubating
>
> Attachments: RoleController.java.patch
>
>
> A user has self read rights on the user object. On the memberships returned
> the user cannot query the roles that are in the membership.
> I'd like to propose a change that would allow an authenticated user to get
> the role objects of which he is member.
> This is userful in a scenario where roles contain useful attributes for
> external applications.
> The proposed change is limited to the role itelf and not its parents since
> this might divulge too much information.
> I've created a patch for the rolecontrolle. Maybe the additional method could
> be moved to the entitlementutil class but it has nothing to do with the
> entitlements themselves and shouldn't be mixed I guess.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
