THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
| Table of Contents | ||||
|---|---|---|---|---|
|
Realms
Tracked as SYNCOPE-119.
...
| before | after | description |
|---|---|---|
GET /realms GET /realms/a/b | list realms starting at given root: all realms in the former case, realms rooted at /a/b in the latter case | |
| GET /realms/a/b/c | read realm /a/b/c | |
| POST /realms/a/b | create realm under /a/b | |
| PUT /realms/a/b/c/d | update realm /a/b/c/d | |
| DELETE /realms/a/b | delete realm /a/b (and all sub-realms) | |
| GET /users | GET /users GET /users/a/b | list users under the given realm (e.g. assigned to given realm and related sub-realms): all users in the former case, users in realm /a/b (all all sub-realms) in the latter case |
| POST /users | POST /users POST /users/a/b | create user under the given realm: root realm in the former case, /a/b in the latter case |
| GET /users/search | GET /users/search GET /users/a/b/search | search users under the given realm: root realm in the former case, /a/b in the latter case |
| GET /roles | GET /roles GET /roles/a/b | see users |
| POST /roles | POST /roles | see users |
| GET /roles/search | GET /roles/search GET /roles/a/b/search | see users |
New security model
This is a direct replacement of current security model.
The idea is that any user U under realm R which is granted an user- or role-related entitlement can exercise such entitlement on all users or roles of R and related sub-realms.
Example