Policy modifications should use PUT instead of POST

telefonicaid / fiware-keypass

Keypass is a multitenant XACML Authorization Server (Access Control) with PAP (Policy Administration Point) and PDP (Policy Decision Point) capabilities used by IoT Platform.

Apache License 2.0

9 stars 5 forks source link

Policy modifications should use PUT instead of POST #51

Open dmoranj opened 9 years ago

dmoranj commented 9 years ago

Currently, policy creation behaves as follows: "when a POST request with a policy arrives to the PAP:

If the PolicyId already exists, it is updated with the contents of the request
If the PolicyId does not exist, it creates a new policy"

This behavior is misleading, and should be changed, so that POST request with the same PolicyId end up in an error, and a PUT method should be added to deal with modifications.

AlvaroVega commented 9 years ago

The doc should be also updated: https://github.com/telefonicaid/fiware-keypass/blob/develop/API.md#create-or-update-a-policy