Project

General

Profile

Task #1678

Story #1676: Rules for restricting service methods

lookup restrictions from the CN nodeList when needed

Added by Ben Leinfelder almost 13 years ago. Updated over 12 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Ben Leinfelder
Category:
d1_cn_service
Target version:
Sprint-2011.49-Block.6
Start date:
2011-07-13
Due date:
% Done:

100%

Milestone:
CCI-1.0.0
Product Version:
*
Story Points:
Sprint:

Description

In order to enforce the restrictions, implementations should look up themselves in the node registry to see whether or not they allow the method to be called by the given subject. A NotAuthorized exception should be thrown if they are not allowed to call the method.
If a service lacks any restrictions, it is considered open to all users (subject, of course, to the permission rules that are in force for any data or metadata that the method interacts with).

Related issues

Blocked by Infrastructure - Story #1964: node registry needs to store Node.Service.ServiceMethodRestriction elements Closed 2011-11-02

History

#1 Updated by Ben Leinfelder over 12 years ago

example CN methods where this will be used:
CNIdentity.mapIdentity()
CNCore.addFormat() -- not yet defined in API

#2 Updated by Ben Leinfelder over 12 years ago

  • Category set to d1_cn_service
  • Milestone changed from CCI-0.6.3 to CCI-1.0.0

#3 Updated by Ben Leinfelder over 12 years ago

  • % Done changed from 0 to 50

I've added this to the CNIdentity.mapIdentity method

#4 Updated by Ben Leinfelder over 12 years ago

  • Status changed from New to Closed

since we don't have addFormat() for initial release, I'm going to close this now.

Also available in: Atom PDF

Add picture from clipboard (Maximum size: 14.8 MB)