Bug 413655 - [server] AuthorizationService.addUserRight() adds roles before the admin user is created
Status: RESOLVED FIXED
Alias: None
Product: Orion
Classification: ECD
Component: Server
Version: 4.0
Hardware: PC Linux
Importance: P3 normal
Target Milestone: 4.0 M1
Assignee: Anthony Hunter CLA
Blocks: 412995
Reported: 2013-07-24 11:07 EDT by Anthony Hunter CLA
Modified: 2013-08-07 13:06 EDT
Description Anthony Hunter CLA 2013-07-24 11:07:00 EDT
This is following from bug 335699#c6:

"Since the user storage is not aware of user access rights, we need to edit Users.prefs manually and add rights to use '/users/*' URLs.
During M6, 'admin' account will have Admin role set and roles will be respected in our Authorization service."

I am creating a new implementation of an IMetaStore (Bug 412995), so "edit Users.prefs manually" will not work.

Two problems need to be solved:

1) the admin user has not been created in the IMetaStore.
This needs to be solved by creating the admin user using the MetaStore API.

2) The UserInfo does not have a documented API for roles.
This needs to be solved by adding the UserRights API to the UserInfo API and then creating the user rights with that API.
Comment 1 Anthony Hunter CLA 2013-07-31 11:22:14 EDT
Just to follow up on this:

(In reply to comment #0)
> Two problems need to be solved:
> 
> 1) the admin user has not been created in the IMetaStore.
> This needs to be solved by creating the admin user using the MetaStore API.

The SecureStorageCredentialsService.initStorage() creates the admin user in the secure storage but does not create an admin user in the IMetaStore. When AuthorizationService.addUserRight is run, it does a readUser() from the IMetaStore. As a result of the way CompatibilityMetaStore is implemented, readUser also creates the user.

The initStorage should call IMetaStore.createUser() to create the admin user in the MetaStore.
 
> 2) The UserInfo does not have a documented API for roles.
> This needs to be solved by adding the UserRights API to the UserInfo API and
> then creating the user rights with that API.

The "UserRights API" is implemented by the AuthorizationService and AuthorizationReader using the IMetaStore correctly using properties, and it does not look like I need to change anything here.
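
The ordering problem from comment 1, as an added example that is not Orion's code: a rights grant that depends on a read silently creating the user works on a create-on-read store and fails on a store whose read has no side effects, unless the admin user is created first. `Store`, `CreateOnReadStore`, `StrictStore` and `grant` are hypothetical stand-ins, not Orion's IMetaStore, CompatibilityMetaStore or AuthorizationService.

```java
import java.util.*;

// Simplified stand-ins for illustration; not Orion's IMetaStore or AuthorizationService.
public class AdminBootstrapDemo {
    interface Store {
        void createUser(String id);
        Set<String> readUser(String id); // returns the user's rights
    }

    // Read creates the record as a side effect, the behaviour comment 1 describes.
    static class CreateOnReadStore implements Store {
        final Map<String, Set<String>> users = new HashMap<>();
        public void createUser(String id) { users.putIfAbsent(id, new TreeSet<>()); }
        public Set<String> readUser(String id) {
            return users.computeIfAbsent(id, k -> new TreeSet<>());
        }
    }

    // A store whose read has no side effects: an unknown user is an error.
    static class StrictStore extends CreateOnReadStore {
        @Override public Set<String> readUser(String id) {
            Set<String> rights = users.get(id);
            if (rights == null) throw new NoSuchElementException("no such user: " + id);
            return rights;
        }
    }

    // Mirrors the read-then-modify shape of a rights grant.
    static void addUserRight(Store store, String id, String uri) {
        store.readUser(id).add(uri);
    }

    // Grants the '/users/*' right to admin and reports what happened.
    static String grant(Store store, boolean createFirst) {
        try {
            if (createFirst) store.createUser("admin"); // the step initStorage should perform
            addUserRight(store, "admin", "/users/*");
            return "granted " + store.readUser("admin");
        } catch (NoSuchElementException e) {
            return "failed: " + e.getMessage();
        }
    }

    public static void main(String[] args) {
        System.out.println("create-on-read, no createUser: " + grant(new CreateOnReadStore(), false));
        System.out.println("strict, no createUser:         " + grant(new StrictStore(), false));
        System.out.println("strict, createUser first:      " + grant(new StrictStore(), true));
    }
}
```

Only the explicit-create path works on both kinds of store, and it keeps the admin account's existence independent of a side effect in the read path.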