THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
This page contains topics supporting ongoing discussion at dev@syncope.apache.org.
Tracked as SYNCOPE-1281.
Requirements
Enable Syncope with the ability to define, map and query the rights that users own on external applications.
Design
Introduce two new entities:
- Application - with name and optional description
- Privilege - with name and optional specification, where specification is a binary field where it is possible to store arbitrary values - for example some descriptive JSON to provide operational information about this privilege: it could be
{ "method": "POST", "url": "/a/b/c" }
and then 3rd party applications can provide their own interpretation
An Application can have zero or more Privileges attached.
Roles can be associated to zero or more Privileges.