0009079: Clarification permissions on SecurityGroupType objects needed - MantisBT

ID	Project	Category	View Status	Date Submitted	Last Update

0009079	10000-014: PubSub	Spec	public	2023-08-04 08:45	2023-09-20 08:59

Reporter	Matthias Damm	Assigned To	Matthias Damm
Priority	normal	Severity	major	Reproducibility	always
Status	closed	Resolution	fixed
Product Version	1.05.02
Fixed in Version	1.05.03

Summary	0009079: Clarification permissions on SecurityGroupType objects needed
Description	Input from one of my colleagues: The specification states: 8.3.2 GetSecurityKeys Method ... "The Permission of the SecurityGroupType Object for the SecurityGroupId controls the access to the security keys for the SecurityGroupId. If the user used to call this Method does not have the Call Permission set for the related SecurityGroupType Object, the Server shall return Bad_UserAccessDenied for this Method." and 8.4.1 SecurityGroupType definition ... "The Permission of the SecurityGroupType Objects controls the access to the security keys for the SecurityGroup through the Method GetSecurityKeys." Both sections indicate that the permission on the Node (instance of SecurityGroupType) in the address space shall be used to evaluate permission to call the method GetSecurityKeys. However when setting call permission for SecurityKeyServerAccess on that node that would also require to set call permissions for SecurityKeyServerAdmin to be able to call methods on that object (e.g. ForceKeyRotation). We need a clarification on how to interpret the rolePermissions set in the SecurityGroupDataType and if/how to apply them to the address space.
Additional Information	The problem is that SecurityKeyServerAdmin is needed on the SecurityGroupType objects to manage the group e.g. change permissions or call methods. Therefore it needs to be in the RolePermissions for the SecurityGroup object. But the SecurityKeyServerAdmin should not have automatically access to the keys. We can define that SecurityKeyServerAdmin is automatically added to the permissions but SecurityKeyServerAdmin is excluded from the access to GetSecurityKeys. The problem is that we originally defined the configuration of the SecurityGroup through Methods and writing the RolePermission on the Object. But now we have the option through the PubSubConfiguraiton2DataType and CloseAndUpdate. There we have an own configuration field for the RolePermissions. Another option would be to remove the statement that the RolePermissions of the SecurityGroup object are used to control access to GetSecurityKeys.
Tags	FLC

Commit Version	1.05.03
Fix Due Date	2023-11-01

Jim Luth 2023-09-19 08:19 administrator ~0020001	Agreed to remove the text because the configuration info is already in the structure.

Matthias Damm 2023-09-20 07:22 developer ~0020008	8.4.1 SecurityGroupType definition 8.3.2 GetSecurityKeys Method Changed text to refer to the "configuration parameter RolePermissions contained in the SecurityGroupDataType" instead of the RolePermissions of the SecurityGroup Object.

Jim Luth 2023-09-20 08:59 administrator ~0020011	Agreed to changes in F2F.

Date Modified	Username	Field	Change
2023-08-04 08:45	Matthias Damm	New Issue
2023-08-08 16:04	Jim Luth	Tag Attached: FLC
2023-09-19 08:18	Jim Luth	Assigned To	=> Matthias Damm
2023-09-19 08:18	Jim Luth	Status	new => assigned
2023-09-19 08:19	Jim Luth	Note Added: 0020001
2023-09-19 08:19	Jim Luth	Commit Version	=> 1.05.03
2023-09-19 08:40	Jim Luth	Fix Due Date	=> 2023-11-01
2023-09-20 07:22	Matthias Damm	Status	assigned => resolved
2023-09-20 07:22	Matthias Damm	Resolution	open => fixed
2023-09-20 07:22	Matthias Damm	Fixed in Version	=> 1.05.03
2023-09-20 07:22	Matthias Damm	Note Added: 0020008
2023-09-20 08:59	Jim Luth	Status	resolved => closed
2023-09-20 08:59	Jim Luth	Note Added: 0020011