Project based security

Greg Parker, geändert vor 10 Jahren.

Project based security

Youngling Beitrag: 1 Beitrittsdatum: 25.08.10 Neueste Beiträge
Does Klaros support project based security? It appears to me that once a user has been created, that user has access to all projects. There also appears to be a security bug related to creating users. I created an account with the role "tester". I logged in with this account and was able to create other users. I couldn't see the other users until I logged back in with an account with the admin role.
thumbnail
Torsten Stolpmann, geändert vor 10 Jahren.

RE: Project based security

Jedi Council Member Beiträge: 759 Beitrittsdatum: 12.02.09 Neueste Beiträge
Hi Greg,

Does Klaros support project based security? It appears to me that once a user has been created, that user has access to all projects.


Not in its current state. The currently implemented authorization scheme is definitely lacking in this area. I opened a feature request for this (KLAROS-955 - Support a project based authorization scheme). With the release of 3.0 we are beginning to concentrate on advanced features like this one, expect this to be an Enterprise Edition only feature.

I created an account with the role "tester". I logged in with this account and was able to create other users.


This is a known regression introduced in 3.0 (tester/manager roles are interchanged here) which is already fixed towards the upcoming 3.1.

I couldn't see the other users until I logged back in with an account with the admin role.


This is the intended behavior at the moment, but seems to confuse a lot of people (You are only able to see users with a lower role or yourself). We see if we find a better solution here.

Thanks for your feedback!

Regards

Torsten