Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DefaultRoleUpdateService.assignRoles should have option to ensure direct membership #435

Open
amcclain opened this issue Jan 14, 2025 · 0 comments
Open

DefaultRoleUpdateService.assignRoles should have option to ensure direct membership #435

amcclain opened this issue Jan 14, 2025 · 0 comments
Labels
admin

Comments

@amcclain
Copy link
Member

Current impl of assignRoles() is a no-op if user.hasRole(roleName), but that hasRole() method will return true for roles held by the user due to role inheritance, ie the user does not necessarily have a direct membership in the role.

It would be useful to support role-management tasks where we want to ensure a user is explicitly added as a direct member to a role. I would like hasRole and assignRoles to take something like a boolean asDirectMember flag. Default could remain false (certainly for hasRole, could discuss assignRole).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
admin
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@amcclain