Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add user session termination on role/permission change #269

Open
hoeyi opened this issue Sep 8, 2024 · 0 comments
Open

Add user session termination on role/permission change #269

hoeyi opened this issue Sep 8, 2024 · 0 comments
Labels
area: identity Identity and access management feature New feature or request type: user story User story

Comments

@hoeyi
Copy link
Owner

hoeyi commented Sep 8, 2024
edited
Loading

Statement

As an admin, I want users who have had their roles changed to be required to log in again upon their next access, ensuring that any role-based permissions are applied immediately after the change.

Acceptance Criteria

When role assignment for a user changes (add or remove), the system should do the following:

  1. When a role is modified for a user, the system invalidates their current session.
  2. On the user's next access request, they are prompted to log in again.
  3. After re-authentication, the new role permissions are applied to the user's session.

Additional Notes

Postponed feature from #254
@hoeyi hoeyi added area: identity Identity and access management feature New feature or request type: user story User story labels Sep 8, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area: identity Identity and access management feature New feature or request type: user story User story
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@hoeyi