Edgewall Software

Changes between Version 6 and Version 9 of Ticket #11697


Ignore:
Timestamp:
Aug 1, 2014, 9:24:51 AM (5 years ago)
Author:
Ryan J Ollos
Comment:

Changes committed to trunk in [13055]. More work will be done in milestone:1.1.3 by adding additional tests (comment:4), defining and documenting proper behavior for the report and ticket realms.

If we keep -1 as the resource id for the Report List page, then it might also make sense to use -1 as the resource id for the Query page. That would allow an authz policy for granting access to the query page such as the following:

[ticket:-1]
* = TICKET_VIEW

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #11697 – Release Notes

    v6 v9  
    1 Fine-grained permissions can be used to restrict access to the report listing page using the resource id `-1`. Fine-grained permissions can be used to grant the `REPORT_CREATE` permission for the report realm (using `[report:*]` in the authz file).
     1 * Fine-grained permissions can be used to restrict access to the //Report List// page using the resource id `-1`.
     2 * Fine-grained permission checks are implemented on the //Report List// resource (for ReportModule) and the ticket realm (for QueryModule) before displaying the mainnav and contextual navigation items.
     3 * Fine-grained permissions can be used to grant the `REPORT_CREATE` permission for the report realm (using `[report:*]` in the authz file).
  • Ticket #11697 – API Changes

    v6 v9  
     1Added class attribute `REPORT_LIST_ID` to the `ReportModule` class, containing the resource id of the //Report List// page.