Menu
▾
▴
Re: [Exist-development] Proposal to change security design of groups
|
From: Chris T. <chr...@gm...> - 2010-09-27 11:41:40
|
+1 and I would suggest that a group owner may add other users as owners so that User A can leave the group after User B has been made an owner. Presumably members of group dba will continue to have complete control.
This sort of mechanism obviously will get rid of "business policy" code that checks group membership for a user and then authenticates as a dba user in order to do these sorts of group management functions.
Chris
On Sep 27, 2010, at 5:02 PM, Adam Retter wrote:
> At present a lot of the operations around permissions are restricted
> to users in the DBA group. This is a artificial restriction that we
> have imposed to try and keep a high level of security. I think that
> this is a legacy, which in fairness was required, before Dmitriy's
> excellent work to modernise and massively improve the security
> architecture in eXist-db.
>
> However, I have two use cases (and there are probably others), whereby
> I need to decompose the security architecture in eXist-db further to
> allow us to build good web applications, where security can be managed
> by appropriately by authorised and authenticated users.
>
> Use Case 1
> ----------------
> A user creates a group, and then later wishes to remove the group.
>
> Problem - At present anyone can create a group, BUT only users in the
> DBA group can delete a group. It is undesirable to make all users DBA
> as this gives them complete control over the running eXist-db
> instance.
>
>
> Use Case 2
> ----------------
> A user creates a group, and then needs to be able to invite other
> users into his group for the purposes of sharing data.
>
> Problem - At present anyone can create a group, BUT only users in the
> DBA group can add a user to a group.
>
>
>
> Proposed Solution
> --------------------------
> Introduce the concept of ownership of a groups. The user who creates a
> group, is the owner of that group.
>
> e.g. If the user "User A" creates a group "Group 1", he is the owner
> of the group "Group 1".
> 1) "User A" can add any other user to "Group 1", because he is the
> owner of that group.
> 2) Any user can remove themselves from any group they choose - I
> cannot think of a case where downgrading a users rights prevents a
> security risk. This is the users right!
> 3) "User A" can also delete "Group 1" when he choose because he is the
> owner of that group. Again this is a case of downgrading users rights.
>
> Thanks Adam.
>
> --
> Adam Retter
>
> eXist Developer
> { United Kingdom }
> ad...@ex...
> irc://irc.freenode.net/existdb
>
> ------------------------------------------------------------------------------
> Start uncovering the many advantages of virtual appliances
> and start using them to simplify application deployment and
> accelerate your shift to cloud computing.
> http://p.sf.net/sfu/novell-sfdev2dev
> _______________________________________________
> Exist-development mailing list
> Exi...@li...
> https://lists.sourceforge.net/lists/listinfo/exist-development
|
