[
https://issues.apache.org/jira/browse/QPID-7340?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15373148#comment-15373148
]
Keith Wall commented on QPID-7340:
----------------------------------
I think the most appropriate ACL rule we have at the moment is guard the
operation with a METHOD "purgeUser" check. The permission could be given to
someone in the identity maintainer role.
> Implement purge user function
> ------------------------------
>
> Key: QPID-7340
> URL: https://issues.apache.org/jira/browse/QPID-7340
> Project: Qpid
> Issue Type: New Feature
> Components: Java Broker
> Reporter: Keith Wall
> Fix For: qpid-java-6.1
>
>
> When a human user leaves an organisation, it is normally desirable to remove
> the records that belong to that user. Implement an operation to allow a
> named user to be removed. This could be hooked to to an organisation's
> 'leavers-feed'.
> This operation should remove:
> * preferences
> * for authentication providers that manage their own database, the user's
> password entry
> * for group providers that manage their own database, remove the user from
> any groups
> What ACL permission should protect this operation?
> What if a Virtualhost is offline at the time the operation is invoked?
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org
