Task #6601
Introduce a new roles definition syntax including runtime constraints
| Status: | On Hold | Start date: | 2010-02-25 | |
|---|---|---|---|---|
| Priority: | Could have | Due date: | ||
| Assigned To: | Andreas Förthner | % Done: | 0% |
|
| Category: | Security | |||
| Target version: | - | |||
| Sprint: | Has patch: | |||
| PHP Version: | Complexity: |
Description
The roles definition in the Policy.yaml should look like that in the future:
roles:
Administrator:
parentRoles: []
Speaker:
parentRoles: [Administrator]
constraint: party.name "andi" && party.address.street "at home"
Note the new feature of runtime constraints!
Related issues
History
#1 Updated by Andreas Förthner over 5 years ago
- Status changed from New to Accepted
#2 Updated by Andreas Förthner over 5 years ago
- Status changed from Accepted to On Hold
- Priority changed from Should have to Could have
- Target version deleted (
1.0 alpha 8)
The role constraints should be implemented on the account side. As this feature seems not to be too important, we will postpone it until there's a real need for it.
#3 Updated by Andreas Förthner over 5 years ago
One use case could be a system like forge. There you have different projects and in each project you have different roles. We have to evaluate this and check if role constraints are the right solution for such a setup.