Project

General

Profile

Actions

Task #96

closed

Notifications and emails security

Added by Radek Tomiška over 8 years ago. Updated over 8 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Radek Tomiška
Category:
Authentication / Authorization
Target version:
Start date:
08/16/2016
Due date:
% Done:

100%

Estimated time:
6.00 h
Owner:

Description

Please implement security to notifications and email (audit) agendas:
  • new authorities have to be created (IdmGroupPermission)
  • all operations (CRUD) has to be secured by previously created authorities
Actions #1

Updated by Radek Tomiška over 8 years ago

  • Status changed from New to In Progress
Actions #2

Updated by Radek Tomiška over 8 years ago

  • Status changed from In Progress to Needs feedback
  • Assignee changed from Radek Tomiška to Ondřej Kopr
  • % Done changed from 0 to 90
I've added security to agendas (BE & FE):
  • organization
  • identity
  • role
  • notification
  • audit

All authorities in application is used properly now.

Please make a test and review.

Actions #3

Updated by Ondřej Kopr over 8 years ago

  • Status changed from Needs feedback to Resolved
  • Assignee changed from Ondřej Kopr to Radek Tomiška
  • % Done changed from 90 to 100

Code review - found on several commits on github - OK

On BE:
Test with soapIU, on user with no authority: access to all agendas - OK

On FE:
Create roles with permission and try to get different agendas. - OK

Result: OK

Actions #4

Updated by Radek Tomiška over 8 years ago

  • Status changed from Resolved to Closed
Actions

Also available in: Atom PDF