Bug #7787
Allow limiting the content types associated to manager roles, add a global manager role like ou scoped manager roles
Start date:
06 Jul 2015
Due date:
% Done:
100%
Estimated time:
Patch proposed:
No
Planning:
Description
- New setting A2_RBAC_MANAGED_CONTENT_TYPES
- Create manager roles only for listed content types
Related issues
History
Updated by Benjamin Dauvergne over 5 years ago
- Copied from Bug #7770: Dans l'agent authentic2 créer un rôle Administrateur added
Updated by Benjamin Dauvergne over 5 years ago
- Related to Bug #7767: Cacher "Applications" dans Authentic added
Updated by Benjamin Dauvergne over 5 years ago
- Related to Bug #7768: Cacher "Entités" dans Authentic quand il n'y en a qu'une added
Updated by Benjamin Dauvergne over 5 years ago
- Status changed from Nouveau to Résolu (à déployer)
- % Done changed from 0 to 100
Appliqué par commit authentic2|553887fd61bcc23dfbfd30210f72a2b7f1dc9a51.
Updated by Benjamin Dauvergne over 5 years ago
- Related to Project management #7773: Changements interfaces du /manage d'Authentic added
Updated by Benjamin Dauvergne about 5 years ago
- Status changed from Résolu (à déployer) to Solution déployée
a2_rbac: allow limiting permissions of OU managers (fixes #7787)
A new setting is added named A2_RBAC_MANAGED_CONTENT_TYPES, it
is a list of pairs of (app, model_name) which specify which object
permissions should be created and associated to the super-user role.
A new global super-user role is also added by this patch.
If A2_RBAC_MANAGED_CONTENT_TYPES is None (the default value), roles
sub-roles are created for each registered contents (currently user,
roles, organizational units, and services). If
A2_RBAC_MANAGED_CONTENT_TYPES is the empty tuple, no role is created
at all.
To limit permissionsto users and roles, set: