Details

    • Type: Sub-task
    • Status: Done
    • Priority: L3 - Default
    • Resolution: Done
    • Affects Version/s: None
    • Fix Version/s: 2.6.0
    • Component/s: backend
    • Labels:
      None

      Description

      Context:
      After roles are assignable to collections with OPT-2545 their enforcement needs to be activated.

      AT:

      • users can only access collections they are authorized to by a role entry for their userId or a group they belong to
      • users can only edit a collection (update & delete) if they have the MANAGER role on the collection
      • users can only edit collection roles if they have the MANAGER role on the collection
      • users can only edit collection scopes if they have the MANAGER role on the collection
      • list endpoints (/collection & /entities) only include collections users are authorized to see based on their collection role
      • the API indicates the role of the current user on a collection

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned
              Reporter:
              sebastian.bathke Sebastian Bathke
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: