Hi,
I noticed following in the permissions defined in services.xml [1] in
tenant-mgt component. (Highlighted in red)
<operation name="addTenant">
<parameter name="superTenantService" locked="true">true</parameter>
<parameter name="AuthorizationAction"
locked="true">/permission/protected/manage/*monitor*/tenants</parameter>
</operation>
<operation name="addSkeletonTenant">
<parameter name="superTenantService" locked="true">true</parameter>
<parameter name="AuthorizationAction"
locked="true">/permission/protected/manage/*monitor*/tenants</parameter>
</operation>
<operation name="deleteTenant">
<parameter name="superTenantService" locked="true">true</parameter>
<parameter name="AuthorizationAction"
locked="true">/permission/protected/manage/modify/tenants</parameter>
</operation>
For addTenant and addSkeletonTenant, they should have "modify" instead
of "monitor" as per my understanding.
[1]
https://svn.wso2.org/repos/wso2/carbon/platform/branches/4.0.2AF/components/stratos/tenant-mgt/org.wso2.carbon.tenant.mgt/2.0.1/src/main/resources/META-INF/services.xml
--
Tharindu Edirisinghe
Software Engineer | WSO2 Inc
Identity Server Team
mobile : +94 775 181586
_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
