Details

    • Type: Bug
    • Status: Closed
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: Fedora 4.4.0
    • Fix Version/s: Fedora 4.5.1
    • Component/s: f4-auth
    • Labels:
    • Roadmap Theme:
      Services: Authorization
    • Sprint:
      Sprint 2015 - 12, Sprint 2015 - 13

      Description

      This task is to resolve the scenario where a user with read/write permission on a resource is unable to create a version of that resource (or its children).
      To reproduce:
      ** Setup **
      # Create a resource
      curl -i -uadmin1:password3 -XPUT localhost:8080/rest/collection
      # Create a child resource
      curl -i -uadmin1:password3 -XPUT localhost:8080/rest/collection/book
      # Create an ACL
      curl -i -uadmin1:password3 -XPUT localhost:8080/rest/acl
      # Create an Authorization
      curl -i -uadmin1:password3 -XPUT -H"Content-Type: text/turtle" --data-binary @auth.ttl localhost:8080/rest/acl/auth
      # Link the resource to the ACL
      curl -i -uadmin1:password3 -XPATCH -H"Content-Type: application/sparql-update" --data-binary @link.su localhost:8080/rest/collection
      ** Test **
      # Verify "user1" has read access to the resource
      curl -i -uuser1:password1 localhost:8080/rest/collection
      # Try to create a version of the resource as "user1":
      curl -i -uuser1:password1 -XPOST -H"slug: v0" localhost:8080/rest/collection/fcr:versions
      ** BOOM! failure - 403
      # Try to create a version of the child as "user1":
      curl -i -uuser1:password1 -XPOST -H"slug: v0" localhost:8080/rest/collection/book/fcr:versions
      ** BOOM! failure - 403
      # Verify ability to create a version of the resource as "admin1":
      curl -i -uadmin1:password3 -XPOST -H"slug: v0" localhost:8080/rest/collection/fcr:versions

      See attached:
      * auth.ttl
      * link.su

        Attachments

        1. auth.ttl
          0.2 kB
          Andrew Woods
        2. link.su
          0.1 kB
          Andrew Woods

          Issue Links

            Activity

              People

              • Assignee:
                whikloj Jared Whiklo
                Reporter:
                awoods Andrew Woods
                Reviewer:
                Andrew Woods
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: