Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(permissions): Update default object access permissions (DEV-514) #2004

Merged

Conversation

irinaschubert
Copy link
Collaborator

@irinaschubert irinaschubert commented Feb 17, 2022

resolves DEV-514

@irinaschubert irinaschubert self-assigned this Feb 17, 2022
@sonarcloud
Copy link

@sonarcloud sonarcloud bot commented Feb 17, 2022

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

@irinaschubert irinaschubert marked this pull request as ready for review Feb 17, 2022
@irinaschubert irinaschubert requested a review from subotic as a code owner Feb 17, 2022
mpro7
mpro7 approved these changes Feb 18, 2022
PermissionADM.modifyPermission(OntologyConstants.KnoraAdmin.ProjectAdmin),
PermissionADM.viewPermission(OntologyConstants.KnoraAdmin.ProjectAdmin),
PermissionADM.restrictedViewPermission(OntologyConstants.KnoraAdmin.ProjectAdmin)
PermissionADM.modifyPermission(OntologyConstants.KnoraAdmin.ProjectMember)
Copy link
Collaborator

@mpro7 mpro7 Feb 18, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't the most privileged permission contain all the others? This line then wouldn't be necessary for too.

Copy link
Collaborator

@subotic subotic Feb 18, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

they differ in the group

- `name` : indicates the type of the permission that can be one of the followings.
- `RV`: restricted view permission (least privileged)
- `V`: view permission
- `M` modify permission
- `D`: delete permission
- `CR`: change rights permission (most privileged)
- `permissionCode`: The code assigned to a permission indicating its hierarchical level. These codes are as below:
- `1`: for restricted view permission (least privileged)
- `2`: for view permission
- `6`: for modify permission
- `7`: for delete permission
- `8`: for change rights permission (most privileged)
Copy link
Collaborator

@mpro7 mpro7 Feb 18, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why do we need both ways to describe permissions?

Copy link
Collaborator Author

@irinaschubert irinaschubert Feb 18, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have no idea why both are used, I stumbled upon it as well but it is not the scope of this PR.

Copy link
Collaborator

@subotic subotic Feb 18, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

V1 and V2. V1 use numbers and V2 uses letters.

@irinaschubert irinaschubert merged commit 04a8d3d into main Feb 18, 2022
14 checks passed
@irinaschubert irinaschubert deleted the wip/DEV-514-adjust-default-object-access-permissions branch Feb 18, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

Successfully merging this pull request may close these issues.

None yet

3 participants