Project

General

Profile

Actions

feature request #6867

closed

explicitely assign and revoke UPDATE & DELETE permission per enitity in the registration workflow

Added by Andreas Kohlbecker about 5 years ago. Updated over 2 years ago.

Status:
Closed
Priority:
New
Category:
cdm-vaadin
Target version:
Start date:
Due date:
% Done:

100%

Estimated time:
(Total: 0:00 h)
Severity:
blocker

Description

After an in depth discussion in #4305 we decided that for phyconbank the strategy D) (per instance UPDATE & DELETE permission) would be the most appropriate:

  • a submitter will get the per instance UPDATE+DELETE permission when creating a Reference, TeamOrPersonBase, Name instance.
  • once a registration is set to the states rejected, ready or published the UPDATE+DELETE permission must be revoked again, so that the registered name and references are protected from being changed after the editing registration workflow has ended.

The RegistrationManager (#6655) will be responsible for assigning and revoking of authorities. NOTE: It is more reliable to implement the revoking of permissions in a GrantedAuthorityRevokingRegistrationUpdateListener which has been implemented with for #7148 in cdm-vaadin|af48539c


For the future is might be good idea to move the assignment of authorities into the cdmlib istelf:

  • A ExtendedCreatePermissionManager. This implements listener interfaces
    • hibernate SaveOrUpdateEventListener or Interceptor to be able to act when a newly created instance of Reference, TeamOrPersonBase, Name, ... is being saved, see #7147
    • RegistrationStateChangeEventLister to be noticed when the registration state is changed to rejected, ready or published so that the permissions can be revoked. ==> this has been implemented as Hibernate PostUpdateEventListener the GrantedAuthorityRevokingRegistrationUpdateListener DONE

Subtasks 1 (0 open1 closed)

feature request #7148: GrantedAuthorityRevokingRegistrationUpdateLister: delete orphan references to GrantedAuthorityImpl in User and GroupClosedAndreas Kohlbecker

Actions

Related issues

Related to EDIT - bug #6886: Entity creation for users having only CREATE may fail in long running conversationsDuplicateAndreas Müller

Actions
Related to PhycoBank - bug #6185: prevent from erroneous author or reference changesClosedAndreas Kohlbecker

Actions
Related to EDIT - bug #7147: GrantedAuthorityRevokingDeleteListener implementedNewAndreas Müller

Actions
Related to EDIT - feature request #7150: GrantedAuthorities & PermissionVoter for Cdm Collection type ClosedAndreas Kohlbecker

Actions
Related to EDIT - task #8168: Check if withdrawing of per entity permission is working correctly for inReferencesNewAndreas Kohlbecker

Actions
Related to EDIT - task #8835: DISCUSS if the UPDATE & DELETE permission stategy should become a general principle in the cdmlibNewAndreas Kohlbecker

Actions
Follows EDIT - feature request #6655: Implement a RegistrationManager with state machineRejectedAndreas Kohlbecker

Actions
Copied from EDIT - feature request #4305: newly created entities must stay editable even if a user only has the permission to create themIn ProgressAndreas Kohlbecker

Actions
Actions #1

Updated by Andreas Kohlbecker about 5 years ago

  • Copied from feature request #4305: newly created entities must stay editable even if a user only has the permission to create them added
Actions #2

Updated by Andreas Kohlbecker about 5 years ago

  • Description updated (diff)
Actions #3

Updated by Andreas Kohlbecker about 5 years ago

  • % Done changed from 10 to 20
Actions #4

Updated by Andreas Kohlbecker about 5 years ago

  • Due date set to 05/22/2017
  • Start date changed from 08/06/2014 to 05/22/2017
  • Follows feature request #6655: Implement a RegistrationManager with state machine added
Actions #5

Updated by Andreas Kohlbecker about 5 years ago

  • Description updated (diff)
Actions #6

Updated by Andreas Kohlbecker about 5 years ago

  • Related to bug #6886: Entity creation for users having only CREATE may fail in long running conversations added
Actions #7

Updated by Andreas Kohlbecker about 5 years ago

  • Related to bug #6185: prevent from erroneous author or reference changes added
Actions #8

Updated by Andreas Kohlbecker about 5 years ago

  • Target version changed from Release 4.10 to Release 4.11
Actions #9

Updated by Andreas Kohlbecker almost 5 years ago

  • Status changed from Feedback to New
Actions #10

Updated by Andreas Kohlbecker almost 5 years ago

  • Description updated (diff)
  • Category changed from cdmlib to cdm-vaadin
Actions #11

Updated by Andreas Kohlbecker almost 5 years ago

  • Description updated (diff)
Actions #12

Updated by Andreas Müller almost 5 years ago

  • Target version changed from Release 4.11 to Release 4.12
Actions #13

Updated by Andreas Müller almost 5 years ago

  • Target version changed from Release 4.12 to Release 4.13
Actions #14

Updated by Andreas Kohlbecker almost 5 years ago

  • Description updated (diff)
  • Status changed from New to In Progress
Actions #15

Updated by Andreas Kohlbecker almost 5 years ago

  • Description updated (diff)
Actions #16

Updated by Andreas Kohlbecker almost 5 years ago

  • Description updated (diff)
Actions #17

Updated by Andreas Kohlbecker almost 5 years ago

  • Related to bug #7147: GrantedAuthorityRevokingDeleteListener implemented added
Actions #18

Updated by Andreas Kohlbecker almost 5 years ago

  • Description updated (diff)
Actions #19

Updated by Andreas Kohlbecker almost 5 years ago

Actions #20

Updated by Andreas Müller over 4 years ago

  • Target version changed from Release 4.13 to Release 4.14
Actions #21

Updated by Andreas Kohlbecker over 4 years ago

  • Target version changed from Release 4.14 to Release 4.13
Actions #22

Updated by Andreas Müller over 4 years ago

Can this be closed or set to review?
When not "In Progress" anymore please close according milestone as all other open tickets are Resolved or Feedback tickets.

Actions #23

Updated by Andreas Kohlbecker over 4 years ago

  • Description updated (diff)
Actions #24

Updated by Andreas Kohlbecker over 4 years ago

  • Status changed from In Progress to Closed

this seems to be fully implemented and properly working, so the issue can be closed.

Actions #25

Updated by Andreas Kohlbecker about 4 years ago

  • Description updated (diff)
Actions #26

Updated by Andreas Kohlbecker about 4 years ago

  • Description updated (diff)
Actions #27

Updated by Andreas Kohlbecker over 2 years ago

  • Related to task #8168: Check if withdrawing of per entity permission is working correctly for inReferences added
Actions #28

Updated by Andreas Kohlbecker over 2 years ago

  • Description updated (diff)
Actions #29

Updated by Andreas Kohlbecker over 2 years ago

  • Related to task #8835: DISCUSS if the UPDATE & DELETE permission stategy should become a general principle in the cdmlib added
Actions

Also available in: Atom PDF