@olifre - looked a bit at this this morning. A WLCG token will additionally provide explicit create / modify authorization. So, we should be able to implement logic around the lines of:
- When examining authorizations in the loop, add the appropriate permissions for create & modify.
- If write is encountered, note this but do not generate new permissions for that.
- Once the loop has completed, if we saw only write but neither create nor modify then we have encountered a SciToken and add back in all write permissions.
That should handle the WLCG case correctly and make the compliance tests happy. Right?
Brian
—
Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you are subscribed to this thread.
Message ID: <xrootd/xrootd/issues/1655/1090414328@github.com>
[
{
"@context": "http://schema.org",
"@type": "EmailMessage",
"potentialAction": {
"@type": "ViewAction",
"target": "https://github.com/xrootd/xrootd/issues/1655#issuecomment-1090414328",
"url": "https://github.com/xrootd/xrootd/issues/1655#issuecomment-1090414328",
"name": "View Issue"
},
"description": "View this Issue on GitHub",
"publisher": {
"@type": "Organization",
"name": "GitHub",
"url": "https://github.com"
}
}
]
Use REPLY-ALL to reply to list
To unsubscribe from the XROOTD-DEV list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1
