Uploaded image for project: 'Sakai'
  1. Sakai
  2. SAK-28886

Roster2 permission checks need to be adjusted in order to support Delegated Access

    Details

    • Type: Bug
    • Status: RESOLVED
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.9.3
    • Fix Version/s: 10.0
    • Component/s: Roster
    • Labels:
      None
    • Previous Issue Keys:
      RSTR-57

      Description

      Roster2 currently checks the authzgroups directly to see if a user is a member of a site, or is allowed a certain permission, but this bypasses parts of the AuthZ subsystem.

      In KNL-919, DA support was added. This means that all permsision checks must go via SecurityService.unlock methods. This is actually a more correct way of doing it too, since you get the advisor support that is skipped when checking the authzgroup manually.

      Patch attached.

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  steve.swinsburg Steve Swinsburg
                  Reporter:
                  steve.swinsburg Steve Swinsburg
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  1 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved:

                    Git Source Code