Task #1678
Story #1676: Rules for restricting service methods
lookup restrictions from the CN nodeList when needed
100%
Description
In order to enforce the restrictions, implementations should look up themselves in the node registry to see whether or not they allow the method to be called by the given subject. A NotAuthorized exception should be thrown if they are not allowed to call the method.
If a service lacks any restrictions, it is considered open to all users (subject, of course, to the permission rules that are in force for any data or metadata that the method interacts with).
Related issues
History
#1 Updated by Ben Leinfelder about 13 years ago
example CN methods where this will be used:
CNIdentity.mapIdentity()
CNCore.addFormat() -- not yet defined in API
#2 Updated by Ben Leinfelder about 13 years ago
- Category set to d1_cn_service
- Milestone changed from CCI-0.6.3 to CCI-1.0.0
#3 Updated by Ben Leinfelder about 13 years ago
- % Done changed from 0 to 50
I've added this to the CNIdentity.mapIdentity method
#4 Updated by Ben Leinfelder about 13 years ago
- Status changed from New to Closed
since we don't have addFormat() for initial release, I'm going to close this now.