Uploaded image for project: 'Nuxeo Platform'
  1. Nuxeo Platform
  2. NXP-14674 Improve multi-tenant configurability and isolation
  3. NXP-14675

UserProfile should not be "World readable" in multi-tenant.

    XMLWordPrintable

    Details

      Description

      The UserProfile is created with a "World readable" ACL :

      <document repository="default" id="56eefb3d-...">
        <system>
          <type>UserProfile</type>
          <path>tdelprat/1323963682791</path>
          <lifecycle-state>undefined</lifecycle-state>
          <lifecycle-policy>undefined</lifecycle-policy>
          <facet>UserProfile</facet>
          <facet>HiddenInNavigation</facet>
          <access-control>
            <acl name="local">
              <entry principal="Everyone" permission="Read" grant="true"/>
            </acl>
            <acl name="inherited">
              <entry principal="tdelprat" permission="Everything" grant="true"/>
              <entry principal="Everyone" permission="Everything" grant="false"/>
            </acl>
          </access-control>
        </system>
      ...
      

      In the case of multi-tenant, we should use the Tenant group to restrict this ACL.

      https://github.com/nuxeo/nuxeo-user-center/blob/master/nuxeo-user-profile/src/main/java/org/nuxeo/ecm/user/center/profile/UserProfileServiceImpl.java

      The problem is actually more global and not specifically bound to the UserProfile.
      => add a listener in multi-tenant to dynamically update the ACLs to enforce Tenant group restriction

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  PagerDuty

                  Error rendering 'com.pagerduty.jira-server-plugin:PagerDuty'. Please contact your Jira administrators.