This is an automated email from the ASF dual-hosted git repository.
smckinney pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/directory-fortress-enmasse.git
The following commit(s) were added to refs/heads/master by this push:
new 58cc7e4 more cleanup
58cc7e4 is described below
commit 58cc7e424da1373a21c259e78c7bfbc2ebacce2f
Author: Shawn McKinney <smckinney@apache.org>
AuthorDate: Sat Mar 16 18:22:44 2019 -0500
more cleanup
---
README-SECURITY-MODEL.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/README-SECURITY-MODEL.md b/README-SECURITY-MODEL.md
index 84d33ee..b01809d 100644
--- a/README-SECURITY-MODEL.md
+++ b/README-SECURITY-MODEL.md
@@ -119,7 +119,7 @@ The ARBAC checks include the following:
3. Some APIs on the *AdminMgr* do organization checks, matching the org on the admin role
with that on the target. There are two types of organziations, User and Permission.
- For example, de/assignUser(User, Role) will verify that the caller has an ADMIN role with
a matching user org unit, *userOU*, on the target role.
+ For example, de/assignUser(User, Role) will verify that the caller has an ADMIN role with
a matching user org unit, *userOU*, on the target user.
There is similar check on grant/revokePermission(Role, Permission), where the caller must
have activated ADMIN role matching the perm org unit, *permOU*, corresponding with the permission
being targeted.
|