XWiki Platform
  1. XWiki Platform
  2. XWIKI-13466

Add API to manipulate (add/remove) rights with the Security module

    Details

    • Type: Improvement Improvement
    • Status: Open Open
    • Priority: Major Major
    • Resolution: Unresolved
    • Affects Version/s: 8.1
    • Fix Version/s: None
    • Component/s: Security
    • Labels:
      None
    • Difficulty:
      Medium
    • Similar issues:

      Description

      The Security Module introduced in XWIKI-5267 (4.0M2) is very nice for checking authorization status of a user over an entity, but this is currently just read-only.

      We are severely lacking API to add or remove XWiki rights, without having to resort to XWiki`s model API and working with low level (objects, classes, properties, etc.). All of these are implementation details that are very hard to work with (most notably the "levels" property that contains a comma separated list of rights), very verbose, very error-prone and that ultimately also prohibit us from ever changing or replacing the rights implementation easily, without changing all the places where rights are set by hand.

      One example of simple task, yet difficult to implement is: "Add the 'view' right of a user to a page if it is not already set". To accomplish this correctly, you have a multitude of situation to look out for and you will end up writing several pages of code to get it right. The next guy will have to do the same.

        Issue Links

          Activity

          There are no comments yet on this issue.

            People

            • Assignee:
              Unassigned
              Reporter:
              Eduard Moraru
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: