Details
Task
Resolution: Fixed
Major - P3
Fully Compatible
Security 2021-02-08, Security 2021-02-22
Description
AuthorizationSession is the class responsible for maintaining information about the currently authenticated user, performing access checks, and defining the access check rules for a large number of commands. The access control rules for the commands do not need to be contained in this class and can be separated out. This is motivated by the goal of reducing the responsibilities of the class and reducing the coupling between classes.
The access checks that are shared across commands (e.g. find, insert, delete) will be moved to a new set of files, while the access checks that are not shared across commands will be inlined into their respective commands (e.g. createRole, revokeRole).