Uploaded image for project: 'OpenIDM'
  1. OpenIDM
  2. OPENIDM-10939

Attributes returned from queries and other requests should be filtered according to privileges

    XMLWordPrintable

    Details

      Description

      The responses to requests made by a delegated admin should be filtered at the attribute level according to the privileges assigned to that user. This includes query results as well as other response payloads.

      In cases where privileges seem to conflict remember that privileges are additive so, even for attributes, any attribute that is allowed by any privilege that matches the object should allow the attribute through the filter.  If no privilege matches an attribute then it should be omitted by the filter.

      This filtering should be done at the highest level possible so that this filtering has the first and last word on what gets through.

        Attachments

          Activity

            People

            Assignee:
            krismy.alfaro Krismy Alfaro
            Reporter:
            jbranch Jon Branch
            QA Assignee:
            Garyl Erickson Garyl Erickson
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: