Loading...

XML

Word

Printable

Details

Type: Improvement
Resolution: Fixed
Priority: Major
Fix Version/s: 6.1-rc-1
Affects Version/s: 6.0.1
Component/s: Security
Labels:
None

Difficulty:
Unknown
Documentation:
http://extensions.xwiki.org/xwiki/bin/view/Extension/Security+Module#HContextualAPIinterface28since6.1RC129
Documentation in Release Notes:
http://www.xwiki.org/xwiki/bin/view/ReleaseNotes/ReleaseNotesXWiki61RC1#HNewcontextualauthorizationmanagerrole
Similar issues:

Description

Using the directly the AuhorizationManager to check access is not appropriate since it does not take into account contextual aspect, like the dropPermission feature, or the upcoming signed script feature.

Using the XWikiCachingRightService from component is not pratical since it depends on old core and this is not a component.

So we need a new component, independent of old core that take into account the context to provide authorization.

Attachments

Activity

People

Assignee:: Denis Gervalle

Reporter:: Denis Gervalle

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 04/Jun/14 12:36

Updated:: 18/Jun/14 21:38

Resolved:: 18/Jun/14 21:37

Date of First Response:: 16/Jun/14 7:44 AM