Project

General

Profile

Actions

Bug #22384

closed

User story #22206: Allow user to define custom roles in rudder-user.xml

Unknown roles must be ignored, not lead to invalid role

Added by François ARMAND over 1 year ago. Updated about 1 year ago.

Status:
Released
Priority:
N/A
Category:
System integration
Target version:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
0
Name check:
To do
Fix check:
To do
Regression:
No

Description

Currently, if a custom-role is defined and it reference unknown permission, then it is ignored.
We want to allow that (and just ignore the unknown permissions) so that, for ex if a role refers perm related to other plugins, the role remains OK even if one of the plugin is not loaded (and so its permission are unknown from Rudder).

This does not create a security risk since our permission are only additive (union based), and there is no "exclude".

Actions

Also available in: Atom PDF