Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

No documentation on use of named ACLs #426

Closed
Veraxus opened this issue Jul 28, 2016 · 4 comments
Closed

No documentation on use of named ACLs #426

Veraxus opened this issue Jul 28, 2016 · 4 comments
Labels
Milestone

Comments

@Veraxus
Copy link

@Veraxus Veraxus commented Jul 28, 2016

There is no documentation on use of named ACLs.

Source:
https://github.com/simplesamlphp/simplesamlphp/blob/master/config-templates/acl.php

This file mentions that named ACLs "can be reused in several places." but does not specify where or how. There are no other clues in the source code, either - not in config.php or authsources.php. Likewise, the only authz documentation on the website is this:

https://simplesamlphp.org/docs/stable/authorize:authorize

Which does not discuss the topic of named ACLs at all. I'm not sure how to implement this feature at all since there is no documentation, samples, comments, etc at all, anywhere. Likewise, the above is only useful in circumstances where a single SP is in use. It's not useful at all if you need to specify a named ACL for a specific SP in an environment with multiple SPs.

@thijskh
Copy link
Member

@thijskh thijskh commented Jul 29, 2016

It seems this functionality is currently only in use in modules/statistics/ as one of several options to grant access to the statistics web interface. That module grants access if you're the admin user, or if you're in a list of allowed userid's, or if you match a specific named acl from acl.php.

@thijskh
Copy link
Member

@thijskh thijskh commented Nov 14, 2016

So obviously we could document it, but given te observations by @Veraxus and myself above, maybe just remove this functionality?

  • No documentation, samples, comments
  • Only usable when there's a single SP
  • Only usable with statistics module which provides other authz options
@thijskh thijskh added the needsinfo label Nov 19, 2018
@tvdijen tvdijen added this to the 2.0 milestone Nov 21, 2018
@tvdijen
Copy link
Member

@tvdijen tvdijen commented Nov 21, 2018

It was decided this should be removed for 2.0. There will be no replacement for this functionality

@tvdijen
Copy link
Member

@tvdijen tvdijen commented May 5, 2020

The class was removed

@tvdijen tvdijen closed this May 5, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
4 participants