[ODATA-1316] Should support multiple permissions for read/write - OASIS Technical Committees Issue Tracker

XML

Word

Printable

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: V4.01_CS02
Fix Version/s: V4.01_CS02
Component/s: Vocabularies
Labels:
None
Environment:

Approved to merge and close. 2019-7-18.

Proposal:

Hide

Change the "Permission" property to "Permissions", and "PermissionType" to "Collection(PermissionType)", where used in the capabilities vocabulary.

Show
Change the "Permission" property to "Permissions", and "PermissionType" to "Collection(PermissionType)", where used in the capabilities vocabulary.
Resolution:

Hide

https://github.com/oasis-tcs/odata-vocabularies/pull/54

Show
https://github.com/oasis-tcs/odata-vocabularies/pull/54

Description

Authentication schemes define scopes that govern the permissions that an authenticated client has when accessing the service.

A service may support multiple different schemes for authentication.

This is well supported today in our authentication vocabulary.

However, access to an individual resource today is specified through a PermissionType, which specifies a set of scopes from a single authentication scheme. If the service supports multiple authentication schemes, then any of the supported authentication schemes may control access to the resource.

Where controlling access to a resource, the capabilities vocabulary should specify a collection of PermissionTypes (required scopes from a particular authentication scheme) that can be used to access a resource.

Attachments

Activity

People

Assignee:

Ralf Handl

Reporter:

Michael Pizzo

Watchers:

1 Start watching this issue

Dates

Created:

21/Jun/19 12:17 PM

Updated:

31/Jul/19 2:16 PM

Resolved:

21/Jun/19 5:42 PM