Details

    • Type: Sub-task
    • Status: To Do
    • Priority: Medium
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: None
    • Labels:
      None

      Description

      For reference:

      {{There is an important test missing here about what happens if userA who created a token, but then has there own permissions revoked. We need to assert that the token then no longer exists (or is no longer valid).

      Also, what if userA who is a part of groupB creates a token. If that token required pieces of both of those roles in order to be created. Then if userA looses the relevant permission, the token should become invalid, even though his group still has the permission which was part of creating the permission.

      We might as well also test the scenario where both the user and the group could create the token on their own, then if one of them goes away, the token still exists.}}

      Note: That first test case is probably already covered in the GrantsSpec. (not at the HTTP level)

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              jr Jean-Remi Desjardins
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: