-
Notifications
You must be signed in to change notification settings - Fork 14
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
normativeness of "Common Actions" #48
Comments
There are also "Custom Actions". |
See section 3.7.2 |
Section 3.7.2 only states that custom actions can be any other arbitrary string.
A policy might not only want to check if a subject has to permission to perform an action on a resource, but also check complex parameters value of that action at runtime. Suggestion:
to be clear: both forms should be legitimate and supported representations for "actions". Thats up to the PEP/PDP/Policy. |
"Common Actions" currently defines 4 CRUD and one generice "access" action.
are those normative and mandatory for PDP/PEP spec compliance?
How should a PDP response, in cases a common action is not implemented or does not make sense for a Subject/Resource combination or policy?
The text was updated successfully, but these errors were encountered: