Task #6600

Remove the privilege concept vom ACLs

Added by Andreas Förthner about 3 years ago. Updated over 2 years ago.

Status:Resolved Start date:2010-02-25
Priority:Must have Due date:
Assignee:Andreas Förthner % Done:

100%
Category:Security
Target version:TYPO3 Flow Base Distribution - 1.0 alpha 8
Sprint: Has patch:
PHP Version: Complexity:
Votes: 0

Description

ACL entries will simply define the access privilege by defining a GRANT or DENY for a resource. Example Policy.yaml entry:

acls:
Speaker:
UpdateOwnPaper: GRANT
ownAccount: GRANT
deleteAccount: DENY

The policy service should then provide two API methods: hasAccessOnJoinPoint() and hasAccessOnResource()

Related issues

related to TYPO3.Flow - Major Feature #5659: Implement content security Resolved 2009-12-07

Associated revisions

Revision a8cc2883
Added by Andreas Förthner about 3 years ago

[+FEATURE] FLOW3 (Security): Implemented runtime evaluations support for policy resources. Resolves #6599, relates to #5659
[~TASK] FLOW3 (Security): Removed the old privileges concept. Now there is only one (implicit) access privilege. Resolves #6600, relates to #5659

History

#1
Updated by Andreas Förthner about 3 years ago

  • Status changed from New to Accepted

#2
Updated by Andreas Förthner about 3 years ago

  • Status changed from Accepted to Resolved
  • % Done changed from 0 to 100

Applied in changeset r3881.

Also available in: Atom PDF