Story #2833
Limit ability to create groups within groups through createGroup and updateGroup
Status:
Closed
Priority:
Normal
Assignee:
Ben Leinfelder
Category:
d1_identity_manager
Target version:
Start date:
2012-05-30
Due date:
2012-10-06
% Done:
100%
Story Points:
Sprint:
Description
The REST methods CNIdentity.createGroup and updateGroup should check that subjects included in the group are not group names to prevent the creation of nest group structures.
Regular subject DNs and the symbolic principals "verifiedUser", "authenticatedUser", and "public" are permitted as group members.
This restriction may be relaxed in the future if it is deemed necessary to fully support nested group structures.
On error, the method can raise InvalidRequest with an appropriate message.
History
#1 Updated by Dave Vieglais over 12 years ago
- Target version changed from Sprint-2012.23-Block.3.4 to Sprint-2012.29-Block.4.3
- Milestone changed from CCI-1.0.0 to CCI-1.0.3
#2 Updated by Dave Vieglais over 12 years ago
- Target version changed from Sprint-2012.29-Block.4.3 to Sprint-2012.35-Block.5.2
- Milestone changed from CCI-1.0.3 to CCI-1.0.5
#3 Updated by Chris Jones about 12 years ago
- translation missing: en.field_remaining_hours set to 0.0
- Due date set to 2012-09-08
- Milestone changed from CCI-1.0.5 to CCI-1.1
#4 Updated by Chris Jones about 12 years ago
- Due date changed from 2012-09-08 to 2012-10-06
- Target version changed from Sprint-2012.35-Block.5.2 to Sprint-2012.39-Block.5.4
#5 Updated by Ben Leinfelder about 12 years ago
- Status changed from New to Closed
no restricting Groups to only include members that are not Groups