Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Multi user support: user resource permissions in servlet requests #38

Closed
cnoelle opened this issue Jul 12, 2018 · 1 comment
Closed

Multi user support: user resource permissions in servlet requests #38

cnoelle opened this issue Jul 12, 2018 · 1 comment
Labels
enhancement
Milestone
Release 2.2.0

Comments

@cnoelle
Copy link

cnoelle commented Jul 12, 2018

Currently resource permissions are only evaluated for machine/REST users, but not for natural users accessing resources via servlet requests from a user page. Resource permissions are determined by the app permissions alone. To support real multi-user configurations, the applicable permissions in a servlet request should be determined as the intersection of user permissions and app permissions.

Example use case: consider a building with several rooms, where some users may control the settings (e.g. the temperature setpoint) for specific rooms only, but not for all of them. A possible way to achieve this could be to restrict the resource permissions for Rooms (assuming the app does not cache the room resources).
@cnoelle cnoelle added this to the Release 2.1.4 milestone Jul 12, 2018
@cnoelle
Copy link
Author

cnoelle commented Feb 19, 2019

implemented

@cnoelle cnoelle closed this as completed Feb 19, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
Release 2.2.0
Development

No branches or pull requests
1 participant
@cnoelle