|
|
| Participants: |
Andreas Richter, Andy Brook, Audra Eng [Atlassian], B. M., Bob Swift, bpwiki, Charles Miller [old account, do not assign issues], David Gitman, David Hergert, David O'Flynn [Atlassian], Denis Cabasson, EnBW Confluence, Erich Buri, Fabricio Santana, Garry Huang, Gerhard Müller, Gilles Lafagne, Ivan Benko [Atlassian], Jack Pinette, Jeff Parsons, Jim Birch, John Farnsworth, John Kung, John Sims, Jon T, Josh Stone, Klaus Rothert, Marc Elliott, Marty Tremblay, Matt Campbell, Matt Howell, Matt Ryall [Atlassian], Max Vit, Michael, Michael Jositz, Michael Kantarovich, Michal Szklanowski, Miles Egan, na, Oleksii Gnatkevych, Patrick Bizeau, Philip Parkinson, Rodney Sawyer, Sascha Kettler, Stuart Irving, Suma Ramki, Sævaldur Gunnarsson, Thomas Kaindl, Timothy Yanni-Lazarus and Tom Davies [Atlassian]
|
| Since last comment: |
3 weeks, 1 day ago
|
| Internal Complexity: |
8
|
| Internal Value: |
6
|
| Labels: |
LDAP
mt
|
Currently in Atlassian-user, groups can only include users, not other groups. Support for nested groups would allow groups to contain other groups.
For example, consider the following simplified LDAP records:
dn: cn=sales,ou=groups
cn: sales
member: cn=salesman,ou=users
dn: cn=staff,ou=groups
cn: staff
member: cn=ceo,ou=users
member: cn=sales,ou=groups
In this example, the group 'sales' is a group containing just a single user, 'salesman'. However, the 'staff' group contains both the user 'ceo' and the group 'sales'.
In Atlassian-user, implementing nested groups would mean that 'salesman' would be a member of both 'sales' and 'staff' in the above scenario. Atlassian-user should also recognise that both users and groups can be members of a group, especially when listing the membership information for a group. (That is, a list of the members of 'staff' should have two entries: an entry for the 'ceo' user and an entry for the 'sales' group. The membership should not automatically be condensed into a list of two users.)
In applications, permissions granted to the 'staff' group should apply to both 'salesman' and 'ceo'. Additionally, any new users added to 'sales' should automatically gain these permissions.
|
|
Description
|
Currently in Atlassian-user, groups can only include users, not other groups. Support for nested groups would allow groups to contain other groups.
For example, consider the following simplified LDAP records:
dn: cn=sales,ou=groups
cn: sales
member: cn=salesman,ou=users
dn: cn=staff,ou=groups
cn: staff
member: cn=ceo,ou=users
member: cn=sales,ou=groups
In this example, the group 'sales' is a group containing just a single user, 'salesman'. However, the 'staff' group contains both the user 'ceo' and the group 'sales'.
In Atlassian-user, implementing nested groups would mean that 'salesman' would be a member of both 'sales' and 'staff' in the above scenario. Atlassian-user should also recognise that both users and groups can be members of a group, especially when listing the membership information for a group. (That is, a list of the members of 'staff' should have two entries: an entry for the 'ceo' user and an entry for the 'sales' group. The membership should not automatically be condensed into a list of two users.)
In applications, permissions granted to the 'staff' group should apply to both 'salesman' and 'ceo'. Additionally, any new users added to 'sales' should automatically gain these permissions. |
Show » |
Sort Order:
| No work has yet been logged on this issue.
|
|
Improvement
Open
Major
Support nested groups
