Uploaded image for project: 'Nuxeo Platform'
  1. Nuxeo Platform
  2. NXP-15653

Add security checks at directory entry level

    XMLWordPrintable

    Details

    • Type: New Feature
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: QualifiedToSchedule
    • Component/s: Directory

      Description

      For some specific cases, we may want to have a per-entry check, at least for WRITE access.
      ex : Power Users should not be able to edit admin accounts
      For this of use case, we could introduce a kind of Directory SecurityPolicy DirectoryEntrySecurityManager.
      For Repository backed Directories, the implementation could be ACL based, and we can define other implementation for specific directories.

        Attachments

          Issue Links

          depends on

          New Feature - A new feature of the product, which has yet to be developed. NXP-13724 Restrict Directory read/write access

          • Critical - Crashes, loss of data, severe memory leak.
          • Resolved

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                mhilaire Maxime Hilaire
                Participants:
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated: