Actions
Task #2165
closedAuthorization policies - check change user type permission on backend
Status:
Closed
Priority:
Normal
Assignee:
Radek Tomiška
Category:
Authentication / Authorization
Target version:
Start date:
03/30/2020
Due date:
% Done:
100%
Estimated time:
Owner:
Description
New base persmission 'CHANGEPROJECTION' was added for secure changing identity form form projection. This permission is used on frontend only - implement validation processor on identity and check permission on backend to - lookout, permission should be evaluated just when ''UPDATE'' permission is required (prevent check for internal processes like synchronization).
Related issues
Actions