[ https://issues.apache.org/jira/browse/SYNCOPE-55?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13250586#comment-13250586 ]
Francesco Chicchiriccò commented on SYNCOPE-55:
-----------------------------------------------
Thanks for your patch; I think this should address the following items:
* instead of modifying the existing RoleController.read() REST method, create a
new method RoleController.selfRead()
* move your utility method to the EntitlementUtil class
* add a dedicated test case (in RoleTestITCase, for one of the available test
users)
* be sure to make your patch from source root
> Allow users to read roles assigned to them by membership
> --------------------------------------------------------
>
> Key: SYNCOPE-55
> URL: https://issues.apache.org/jira/browse/SYNCOPE-55
> Project: Syncope
> Issue Type: Improvement
> Components: core
> Affects Versions: 1.0.0-incubating
> Reporter: Bob Lannoy
> Assignee: Francesco Chicchiriccò
> Labels: patch, role, self
> Fix For: 1.0.0-incubating
>
> Attachments: RoleController.java.patch
>
>
> A user has self read rights on the user object. On the memberships returned
> the user cannot query the roles that are in the membership.
> I'd like to propose a change that would allow an authenticated user to get
> the role objects of which he is a member.
> This is useful in a scenario where roles contain useful attributes for
> external applications.
> The proposed change is limited to the role itself and not its parents since
> this might divulge too much information.
> I've created a patch for the rolecontroller. Maybe the additional method could
> be moved to the entitlementutil class but it has nothing to do with the
> entitlements themselves and shouldn't be mixed I guess.