[PATCH 1 of 2 saem] [security] Test and fix permissions for ARK NAA
denis.laxalde at logilab.fr
Fri Apr 14 11:21:01 CEST 2017
Sylvain Thenault a écrit :
> # HG changeset patch
> # User Sylvain Thénault <sylvain.thenault at logilab.fr>
> # Date 1492069848 -7200
> # Thu Apr 13 09:50:48 2017 +0200
> # Node ID 85e085e85f4a703e597863dbf45a042970050c37
> # Parent dccf96319df2d2b68734615bf61a4995fd2decd7
> # Available At http://hg.logilab.org/review/cubes/saem_ref
> # hg pull http://hg.logilab.org/review/cubes/saem_ref -r 85e085e85f4a
> [security] Test and fix permissions for ARK NAA
> Should be only editable by managers.
> In test, we now have to protect default NAA creation by the security context
> manager to deactivate write security, since it be called using an non-admin
> connection because of the lazy organization/naa creation mecanism.
This adds another layer of non-explicit behaviors and, as said
previously I don't think this is a good move.
More information about the saem-devel