Uploaded image for project: 'Keycloak'
  1. Keycloak
  2. KEYCLOAK-8794

End user sharing of his resource removes permission to his resource

    XMLWordPrintable

    Details

    • Steps to Reproduce:
      Hide

      Please see the attached screen cast. First we see how user rs1 has permissions for read and edit on resource1. This is because of a policy/permission which grants the scopes to the resource owner.

      Then we see that rs1 uses the My resources screen to share the read scope with user rs2.

      Reevaluating the permissions on resource1, we see that rs1 - the resource owner - has lost the read scope.

      Show
      Please see the attached screen cast. First we see how user rs1 has permissions for read and edit on resource1. This is because of a policy/permission which grants the scopes to the resource owner. Then we see that rs1 uses the My resources screen to share the read scope with user rs2. Reevaluating the permissions on resource1, we see that rs1 - the resource owner - has lost the read scope.
    • Docs QE Status:
      NEW
    • QE Status:
      NEW

      Description

      Resource owner rs1 has read and edit rights to his resource1 through a JS policy and permission which grants the resource owner the rights.

      If rs1 uses the My resources screen to grant another user, rs2, the read scope to resource1, rs1 looses the right to the read scope.

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  pcraveiro Pedro Igor
                  Reporter:
                  gcleaves Geoffrey Cleaves
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  3 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: