Project

General

Profile

bug #7520

Restore GrantedAuthorities removed by GrantedAuthorityRevokingRegistrationUpdateLister when the regsitration state returns to PREPARATION

Added by Andreas Kohlbecker over 1 year ago. Updated over 1 year ago.

Status:
New
Priority:
Priority12
Category:
cdm-vaadin
Target version:
-
Start date:
06/27/2018
Due date:
% Done:

0%

Severity:
normal
Found in Version:

Description

Currently the GrantedAuthorityRevokingRegistrationUpdateLister withdraws GrantedAuthorities from the sumbitter when the RegistrationStatus changes to

  • RegistrationStatus.PUBLISHED,
  • RegistrationStatus.READY,
  • RegistrationStatus.REJECTED

It might be better to also revoke permissions when the Registration is passed to the curation. But this would require to restore the permissions when the RegistrationStatus is changed back to PREPARATION.

1. Store all revoked GrantedAuthorities in a Extensions of e new Type: RevokedSumbitterAuthorities
1. once the RegistationState turns to PUBLISHED oder REJECTED remove the RevokedSumbitterAuthorities?
1. Restore the RevokedSumbitterAuthorities for (the current submitter?) once the RegistationState turns back to PREPARATION

This first idea has been rejected, see the comments below for other options:

  • #7520#note-3 : GrantedAuthorities can be disabled
  • #7520#note-5 : GrantedAuthorities are inferred from the Registration object graph state
  • ...

Related issues

Related to Edit - feature request #6655: Implement a RegistrationManager with state machine Rejected 05/19/2017

History

#1 Updated by Andreas Kohlbecker over 1 year ago

#2 Updated by Andreas Kohlbecker over 1 year ago

  • Description updated (diff)
  • Priority changed from New to Highest

#3 Updated by Andreas Kohlbecker over 1 year ago

  • Description updated (diff)

The first idea of preserving the authorities in an Extension is not applicable since neither Registration nor User are IdentifiablyEntities and can not have extensions.

A better and feasible idea is to modify the GrantedAuthorities themself by modifying the GrantedAuthority string representations that are stored in the backend. By this the GrantedAuthorities becomes invalid for the parser in CdmAuthority and will be skipped in the voting process. This modification must also contain a reference to the Registration, so that the context in which they existed is preserved.

As discussed in WorkshopRightsAndRoles2017-11 GrantedAuthorities might become cdm model classes. This possible future of the GAs must be respected already when implementing the inactivation

#4 Updated by Andreas Kohlbecker over 1 year ago

  • Description updated (diff)

#5 Updated by Andreas Kohlbecker over 1 year ago

  • Description updated (diff)

The next idea came up during a call with Andreas Müller:

The GrantedAuthorities are deleted as it is at the moment. When the RegistrationStatus turns back to PREPARATION the system infers the required GrantedAuthorities for the entities which are involved in a Registration. The following criteria might help in pick out the entities which should be editable:

  • Creator = Submitter
  • ??

#6 Updated by Andreas Kohlbecker over 1 year ago

  • Description updated (diff)
  • Priority changed from Highest to Priority12
  • Target version deleted (Release 5.2)

Also available in: Atom PDF

Add picture from clipboard (Maximum size: 40 MB)