Task #6601

Introduce a new roles definition syntax including runtime constraints

Added by Andreas Förthner almost 11 years ago. Updated over 10 years ago.

Status:
On Hold
Priority:
Could have
Assignee:
Andreas Förthner
Category:
Security
Target version:
-
Start date:
2010-02-25
Due date:
% Done:

0%

Estimated time:
Sprint:
PHP Version:
Has patch:
Complexity:

Description

The roles definition in the Policy.yaml should look like that in the future:

roles:
Administrator:
parentRoles: []
Speaker:
parentRoles: [Administrator]
constraint: party.name "andi" && party.address.street "at home"

Note the new feature of runtime constraints!

Related issues

Related to TYPO3.Flow - Major Feature #5659: Implement content securityResolvedAndreas Förthner2009-12-07

Actions
#1

Updated by Andreas Förthner almost 11 years ago

  • Status changed from New to Accepted
#2

Updated by Andreas Förthner almost 11 years ago

  • Status changed from Accepted to On Hold
  • Priority changed from Should have to Could have
  • Target version deleted (1.0 alpha 8)

The role constraints should be implemented on the account side. As this feature seems not to be too important, we will postpone it until there's a real need for it.

#3

Updated by Andreas Förthner almost 11 years ago

One use case could be a system like forge. There you have different projects and in each project you have different roles. We have to evaluate this and check if role constraints are the right solution for such a setup.

Also available in: Atom PDF