Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Session refresh on user rights change #2116

Closed
SYNchroACK opened this issue May 27, 2022 · 0 comments
Closed

Session refresh on user rights change #2116

SYNchroACK opened this issue May 27, 2022 · 0 comments
Assignees
@richard-julien
Labels
feature use for describing a new feature to develop solved use to identify issue that has been solved (must be linked to the solving PR)
Milestone
Release 5.4.0

Comments

@SYNchroACK
Copy link
Contributor

Use case

  1. john with permission to view/create/update knowledge will be able to edit an observable.
  2. The admin removes all permissions from john but john will still be logged in.
  3. john within his session, will edit another observable successfully
  4. john logouts and then login again and it will not be able to do anything, even if try to access directly the observable.

Current Workaround

I performed the same test and before the step 4, I deleted the session (http://localhost:8080/dashboard/settings/accesses/sessions) from user john and john automatically lost his access.

Proposed Solution

Refresh session on user rights change
@richard-julien richard-julien added the feature use for describing a new feature to develop label May 27, 2022
@richard-julien richard-julien added this to the Release 5.4.0 milestone May 27, 2022
richard-julien added a commit that referenced this issue Oct 23, 2022
@richard-julien
[api] Session lazy refresh on user rights/roles/groups modification (#…
03b765e 
…2116)
richard-julien added a commit that referenced this issue Oct 23, 2022
@richard-julien
[api] Add initialize session in jest testing (#2116)
7d17d1f
richard-julien added a commit that referenced this issue Oct 23, 2022
@richard-julien
[api] Fix return of the role edit relation add function (#2116)
0a5db2b
richard-julien added a commit that referenced this issue Oct 24, 2022
@richard-julien
[api] Add user delete kill sessions + use promise all for session ref…
b9ae0d4 
…resh mark (#2116)
Kedae pushed a commit that referenced this issue Oct 24, 2022
@richard-julien
[api] Session lazy refresh on user rights/roles/groups modifications (#…
4a0dc3d 
…2116) (#2480)

* [api] Session lazy refresh on user rights/roles/groups modification and user deletion (#2116)
@richard-julien richard-julien added the solved use to identify issue that has been solved (must be linked to the solving PR) label Oct 24, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@richard-julien richard-julien

Labels
feature use for describing a new feature to develop solved use to identify issue that has been solved (must be linked to the solving PR)
Projects
None yet
Milestone
Release 5.4.0
Development

No branches or pull requests
3 participants
@richard-julien @SamuelHassine @SYNchroACK