Bifrost icon indicating copy to clipboard operation
Bifrost copied to clipboard

Published 20 hours ago verified publisher icon dolittle

CommandSecurityProxies should not be included in Bifrost/Application

Open bnordli opened this issue 8 years ago • 0 comments

Description

CommandSecurityProxies should not be included in Bifrost/Application. Original issue, ProCoSys#45.

The problem is that Bifrost/Application is cached during first load, and therefore hard codes command permissions for user that first logs into the system. (Correct command permissions comes when loading Bifrost/Security, which is not cached.)

So if a client don't load Bifrost/Security, or the files are loaded in the wrong order, the client will act as if the user has the wrong permissions.

Finished implementation in cbdfa52e.

Steps to recreate

  1. Implement a Bifrost client with a client that changes depending on a user having access to a command. (For instance fields set to read only if no write access.)
  2. Start the server and log in as a user with access to everything. The client believes correctly the user has access to the command.
  3. Log out and log in as a user with no access.

Current behavior

The client believes incorrectly that the second user has access to the command.

Expected behavior

The client should refresh the command permission and see that the second user does not have user access.

bnordli avatar Jan 18 '17 19:01 bnordli