On 30/03/2012 14:48, Bob Lannoy wrote: > On 30 March 2012 14:29, Colm O hEigeartaigh <[email protected]> wrote: >> Hi Bob, >> >> I've been running into similar issues. >> >>> - /auth/getentitlements doesn't give me the roles of the connected user >> It gives you the list of entitlements associated with the roles of the >> connected user. Perhaps this controller should also have a similar >> method for returning a list of role names of the connected user as >> well? > Through the console both are mixed so I confused entitlements with the roles. > A "getroles" method for the connected user would indeed be handy. > Ideally it could return the child with its parents > > I could try to have a go at it although I'm not a hard core developer ;)
Hi, let me clarify one point: if role A (with entitlement E) has child role B, and user U has role B assigned, this DOES NOT IMPLY that user U has role A assigned as well. When defining roles, you can choose whether a role will inherit some information (entitlements, for example) from its parent. This means, referring to example above, that if B is configured to inherit entitlements from A, user U will have entitlement E. Hence, a method like the one above proposed by Colm will not be needed: when using the self-read REST method (as indicated by Fabio in another e-mail), you will find such information in UserTO.getRoles(). Regards. -- Francesco Chicchiriccò Apache Cocoon PMC and Apache Syncope PPMC Member http://people.apache.org/~ilgrosso/
