Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Currently, each AccessRequirement can be applied to multiple subjects. Every time a subject is added or removed from the AccessRequirement, the AccessRequirement is updated. 
  2. Since applying an AccessRequirement to a subject is a relationship between AccessRequirement and subject, adding or removing subjects from AccessRequirement should only change the relationship between the subjects and the AccessRequirement, and do not update the AccessRequirement.
  3. Entity's creator needs to contact ACT to apply an existing AccessRequirement to their entity.
  4. Also, changing this relationship may make the subject more or less accessible to users. The change should trigger a change message on the subject itself so that we can correctly authorize users' actions on the subject.

...

  • AccessRequirement itself can have similar terms. AccessRequirements do not have name. Without the context of which subject it applies too, it is hard for user to identify which AccessRequirement they wants.

Update:

...

  • .

...

New Services

These are new APIs for option 2.

subjectsAccessRequirementSubjectChangeRequest

ActionIntended UsersMethodURIRequest ParamsRequestBodyResponseBody
1Apply or Remove an AccessRequirement to a list of subjectssubjectACTPUT/accessRequirement/{id}/subjectsubjectId, subjectType

2Remove an AccessRequirement from a subjectACTDELETE/accessRequirement/{id}/subjectsubjectId, subjectType

3Listing a page of subjects that an AccessRequirement directly applies toAll usersGET/accessRequirement/{id}/subjectsnextPageToken
RestrictableObjectDescriptorResponse
4Listing a page of AccessRequirements that applies to a subject All usersPOST/accessRequirement/batch
BatchAccessRequirementRequestBatchAccessRequirementResponse



AccessRequirementSubjectChangeRequest
List<RestrictableObjectDescriptor> subjects
ChangeType changeType (ADD, REMOVE)
RestrictableObjectDescriptorResponse
List<RestrictableObjectDescriptor> subjects
String nextPageToken


BatchAccessRequirementRequest
RestrictableObjectDescriptor subject
String nextPageToken

...

  • Jira Legacy
    serverJIRA (sagebionetworks.jira.com)
    columnskey,summary,type,created,updated,due,assignee,reporter,priority,status,resolution
    serverIdba6fb084-9827-3160-8067-8ac7470f78b2
    keyPLFM-4476
  • Jira Legacy
    serverJIRA (sagebionetworks.jira.com)
    columnskey,summary,type,created,updated,due,assignee,reporter,priority,status,resolution
    serverIdba6fb084-9827-3160-8067-8ac7470f78b2
    keyPLFM-4512
  • Jira Legacy
    serverJIRA (sagebionetworks.jira.com)
    columnskey,summary,type,created,updated,due,assignee,reporter,priority,status,resolution
    serverIdba6fb084-9827-3160-8067-8ac7470f78b2
    keySWC-3709
  • Jira Legacy
    serverJIRA (sagebionetworks.jira.com)
    columnskey,summary,type,created,updated,due,assignee,reporter,priority,status,resolution
    serverIdba6fb084-9827-3160-8067-8ac7470f78b2
    keyPLFM-4518