Task #545 (closed)
IAdmin Feature Additions for Admin Tool
Reported by: | cxallan | Owned by: | cxallan |
---|---|---|---|
Priority: | minor | Milestone: | 3.0-Beta2 |
Component: | API | Version: | n.a. |
Keywords: | iteration6 | Cc: | jamoore, dzmacdonald, atarkowska |
Resources: | n.a. | Referenced By: | n.a. |
References: | n.a. | Remaining Time: | n.a. |
Sprint: | n.a. |
Description (last modified by jmoore)
Change History (5)
comment:1 Changed 17 years ago by cxallan
- Description modified (diff)
- Status changed from new to assigned
comment:2 Changed 17 years ago by jmoore
- Description modified (diff)
- Keywords security REVIEW added
From an email (Dec 6):
What are the exact requirements on updateExperimenter() and
updateGroup()? Does it suffice to change the String fields:
- first name
- email address
- etc.
If so, it might make sense to change the implementations from:
    iUpdate.saveObject(group);
to
    copy = copyGroup(group);
    copy.setName(group.getName());
    ... etc. ...
    iUpdate.saveObject(copy);
because there are all kinds of things that can go on in there --
adding groups, removing groups, changing the owner of groups, changing
the login name ("root"->"bob"). ... [These actions] except for changing the
login name, are covered by the rest of the IAdmin methods.)
From a talk with Chris (later that day):
- Perhaps unloading rather than copying?
- For now (milestone:3.0-Beta1), we let update stand.
- For milestone:3.0-RC1, we review with our security glasses on.
- Long-term goal is to be able to pass in a single Experimenter/Group for atomic updates (including collections) -- allows for some client-side state and cancelling.
- In general, we need to decide on what root and admin should be allowed to do. What's the policy? Can anyone do any editing like with /etc/passwd?
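The field-by-field copy proposed in the email above, as an added example that is not part of the ticket or the project's code: the server starts from the stored record and copies only the allowlisted String fields from the client-supplied object, so a changed login name or group list in that object is never persisted. The `Experimenter` class, `STORE`, and both update methods here are hypothetical stand-ins, not the IAdmin/IUpdate API.

```java
import java.util.*;

public class AllowlistedUpdate {
    // Hypothetical stand-in for a user record; not the project's model class.
    static class Experimenter {
        long id; String loginName, firstName, email;
        Set<String> groups = new HashSet<>();
        Experimenter(long id, String login, String first, String email, String... groups) {
            this.id = id; this.loginName = login; this.firstName = first; this.email = email;
            this.groups.addAll(Arrays.asList(groups));
        }
    }

    // Constructed in-memory store standing in for the database.
    static final Map<Long, Experimenter> STORE = new HashMap<>();

    // Naive update: persists whatever the client sent, including login name and groups.
    static void saveObject(Experimenter e) { STORE.put(e.id, e); }

    // Allowlisted update: start from the stored record, copy only the editable String fields.
    static void updateExperimenter(Experimenter submitted) {
        Experimenter stored = STORE.get(submitted.id);
        if (stored == null) throw new NoSuchElementException("unknown id " + submitted.id);
        stored.firstName = submitted.firstName;
        stored.email = submitted.email;
        // loginName and groups are deliberately not copied; in this sketch they
        // would change only through their own dedicated methods (assumption).
    }

    public static void main(String[] args) {
        STORE.put(1L, new Experimenter(1, "root", "Root", "root@example.org", "system"));
        // Constructed client object: edits the email but also renames the login and adds a group.
        Experimenter submitted =
            new Experimenter(1, "bob", "Root", "new@example.org", "system", "admins");

        updateExperimenter(submitted);
        Experimenter after = STORE.get(1L);
        System.out.println("allowlisted: " + after.loginName + " " + after.email + " " + after.groups);

        saveObject(submitted); // the naive path, for contrast
        after = STORE.get(1L);
        System.out.println("naive:       " + after.loginName + " " + after.email + " " + after.groups);
    }
}
```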
comment:3 Changed 17 years ago by cxallan
- Milestone changed from 3.0-Beta1 to 3.0-RC1
- Version changed from 3.0-Beta1 to 3.0-RC1
Re-assigning to RC1.
comment:4 Changed 17 years ago by cxallan
- Cc atarkowska added
- Resolution set to fixed
- Status changed from assigned to closed
- Version 3.0-RC1 deleted
This has all largely been solved by the WebAdmin tool.
comment:5 Changed 17 years ago by cxallan
- Keywords iteration6 added; security REVIEW removed
Non-invasive methods (i.e. not deleteGroup()) have been added in r1117.