Project

General

Profile

Task #2827

nesting groups requires schema change*

Added by Rob Nahf over 12 years ago. Updated over 9 years ago.

Status:
In Progress
Priority:
Normal
Assignee:
Dave Vieglais
Category:
d1_schemas
Target version:
CCI-2.0-TRUNK
Start date:
2014-07-09
Due date:
% Done:

30%

Estimated time:
0.00 h
Milestone:
None
Product Version:
Story Points:
Sprint:

Description

If we are supporting nested groups for the purpose of inheriting the access rights of a parent group, the Group datatype needs an isMemberOf element for efficiently building subjectInfo from a given subject.

Currently the parent group references the subgroup using hasMember element, but there is not a reference from the subgroup to the parent group. This is problematic because the starting point for building the SubjectInfo for a certificate is typically a Person subject. the Person.isMemberOf element allows traversal to Groups that they are directly members of, but if those groups are subgroups of other Groups, there's no reference to them.

CN.getSubjectInfo needs to traverse every registered group and subgroup to pick up parent Groups for a particular person (even if there aren't any, it needs to check).

History

#1 Updated by Rob Nahf over 12 years ago

  • Priority changed from Normal to Immediate
  • Category set to Documentation
  • Subject changed from nesting groups requires schema change to nesting groups requires schema change*
  • Assignee set to Dave Vieglais

#2 Updated by Dave Vieglais over 12 years ago

This does indeed appear to be a significant deficiency in the schema design, and precludes the use of nested groups.

Since this is a schema change, it will be necessary to defer until after initial release, which in turn implies that we should not directly support nested groups, however I do not believe there are any checks against groups containing group subjects.

#3 Updated by Dave Vieglais over 12 years ago

  • Target version changed from Sprint-2012.19-Block.3.2 to Sprint-2012.29-Block.4.3
  • Priority changed from Immediate to Normal

Deferring this issue until after public release. It does not appear to block any required functionality.

#4 Updated by Robert Waltz over 12 years ago

  • Milestone changed from CCI-1.0.0 to CCI-1.1

#5 Updated by Chris Jones about 12 years ago

  • Target version changed from Sprint-2012.29-Block.4.3 to Sprint-2012.37-Block.5.3

#6 Updated by Dave Vieglais about 12 years ago

  • translation missing: en.field_remaining_hours set to 0.0
  • Target version deleted (Sprint-2012.37-Block.5.3)
  • Milestone changed from CCI-1.1 to None

This issue will require fairly wide spread changes.

Need to discuss and develop detailed specifications before implementing if necessary.

#7 Updated by Robert Waltz over 11 years ago

  • Parent task set to #3755

#8 Updated by Robert Waltz almost 11 years ago

  • Estimated time set to 0.00
  • Parent task changed from #3755 to #2829

#9 Updated by Ben Leinfelder over 10 years ago

  • Status changed from New to In Progress
  • Start date set to 2014-07-09

What's the verdict - will v2 support nested Groups?

#10 Updated by Robert Waltz about 10 years ago

  • Target version set to CCI-2.0.0

#11 Updated by Ben Leinfelder over 9 years ago

  • Parent task deleted (#2829)
  • % Done changed from 0 to 30
  • Category changed from Documentation to d1_schemas

Pushing this to backlog - not a 2.0 critical change nor a feature that is being asked for by users. IRC discussion with MBJ, DV, BRL and CJ.

Also available in: Atom PDF

Add picture from clipboard (Maximum size: 14.8 MB)