[ECA-7783] Attach access control logic to tickets - PrimeKey Issue Tracker

XML

Word

Printable

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: EJBCA 7.0.1
Component/s: None
Labels:
- AccessControl
- IssueChecker

Provenance:
Internal Delivery
Epic Link:
EJBCA Configuration Checker
Sprint:
EJBCA Team Bob - 2019 w6

Description

Currently, if the EJBCA Issue Tracker is enabled, tickets are shown to any administrator in EJBCA. An administrator may want to restrict access to the Issue Tracker, since the ticket descriptions can reveal information about how the system is set up.

To allow more more granular control, create a method boolean Ticket.isAuthorized(AuthenticationToken authenticationToken) returning true iff a certain admin is authorised to view a particular ticket.

Attachments

Issue Links

causes

ECA-7858 Not all certificate profiles shown in Issue Checker for limited admins

Closed

is caused by

ECA-7780 Implement EJBCA Issue Checker Framework

Closed

Activity

People

Assignee:: Bastian Fredriksson

Reporter:: Bastian Fredriksson

Verified by:: Samuel Lidén Borell

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2019-02-08 19:26

Updated:: 2019-05-13 13:11

Resolved:: 2019-02-25 11:05

Time Tracking

Estimated:

Remaining:

4h 5m

Logged:

3h 55m