Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(permissions): Update default object access permissions (DEV-514) #2004

Merged
merged 3 commits into from Feb 18, 2022
Merged

fix(permissions): Update default object access permissions (DEV-514) #2004

merged 3 commits into from Feb 18, 2022

Conversation

irinaschubert
Copy link

resolves DEV-514

@irinaschubert irinaschubert self-assigned this Feb 17, 2022
@sonarcloud
Copy link

sonarcloud bot commented Feb 17, 2022

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

@irinaschubert irinaschubert marked this pull request as ready for review February 17, 2022 14:44
mpro7
mpro7 approved these changes Feb 18, 2022
View reviewed changes
webapi/src/main/scala/org/knora/webapi/responders/admin/ProjectsResponderADM.scala
PermissionADM.modifyPermission(OntologyConstants.KnoraAdmin.ProjectAdmin),
PermissionADM.viewPermission(OntologyConstants.KnoraAdmin.ProjectAdmin),
PermissionADM.restrictedViewPermission(OntologyConstants.KnoraAdmin.ProjectAdmin)
PermissionADM.modifyPermission(OntologyConstants.KnoraAdmin.ProjectMember)
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't the most privileged permission contain all the others? This line then wouldn't be necessary for too.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

they differ in the group

docs/03-apis/api-admin/permissions.md
Comment on lines +139 to +150
- `name` : indicates the type of the permission that can be one of the followings.
- `RV`: restricted view permission (least privileged)
- `V`: view permission
- `M` modify permission
- `D`: delete permission
- `CR`: change rights permission (most privileged)
- `permissionCode`: The code assigned to a permission indicating its hierarchical level. These codes are as below:
- `1`: for restricted view permission (least privileged)
- `2`: for view permission
- `6`: for modify permission
- `7`: for delete permission
- `8`: for change rights permission (most privileged)
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why do we need both ways to describe permissions?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have no idea why both are used, I stumbled upon it as well but it is not the scope of this PR.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

V1 and V2. V1 use numbers and V2 uses letters.

@irinaschubert irinaschubert merged commit 04a8d3d into main Feb 18, 2022
@irinaschubert irinaschubert deleted the wip/DEV-514-adjust-default-object-access-permissions branch February 18, 2022 07:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@subotic subotic subotic approved these changes

@mpro7 mpro7 mpro7 approved these changes

@BalduinLandolt BalduinLandolt Awaiting requested review from BalduinLandolt

Assignees

@irinaschubert irinaschubert

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@irinaschubert @subotic @mpro7