Project

General

Profile

Actions
Copy link

Task #2234

closed

Authorization policies - use selected persmissions only from transitive evaluator

Added by Radek Tomiška about 4 years ago. Updated almost 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Radek Tomiška
Category:
Authentication / Authorization
Target version:
10.3.0
Start date:
04/29/2020
Due date:
% Done:

100%

Estimated time:
Owner:

Description

When transitive evaluator is configured, then all owner permissions are granted transitivelly. This in not required in some UC.

Example:
- i want to read and edit subordinate (identity), but i don't want to edit all it's contracts.

Add permissions support to transitive policies (AbstractTransitiveEvaluator) - configured permissions will be used for owner permissions intersection => only selected permissions will be granted by owner.

Related issues

Related to IdStory Identity Manager - Task #2229: Identity projection - support edit more contracts in projectionClosedRadek Tomiška04/23/2020

Actions
Related to IdStory Identity Manager - Task #1784: LRT: support multiple propertiesClosedRadek Tomiška08/07/2019

Actions
Related to IdStory Identity Manager - Task #2239: Authorization policies - prevent to configure IdentityContractByIdentityEvaluator and IdentityByContractEvaluator simultaneouslyNewRadek Tomiška05/06/2020

Actions
Actions
Copy link

Also available in: Atom PDF