more cleanup

commit: 58cc7e424da1373a21c259e78c7bfbc2ebacce2f [log] [tgz]
author: Shawn McKinney <smckinney@apache.org> Sat Mar 16 18:22:44 2019 -0500
committer: Shawn McKinney <smckinney@apache.org> Sat Mar 16 18:22:44 2019 -0500
tree: 24a997011522cafc1225d66662bb231f4cd69ae4
parent: 16d40532bb98a46236ab16c3e97f779dfdf618a4 [diff]
diff --git a/README-SECURITY-MODEL.md b/README-SECURITY-MODEL.md
index 84d33ee..b01809d 100644
--- a/README-SECURITY-MODEL.md
+++ b/README-SECURITY-MODEL.md

@@ -119,7 +119,7 @@
                                          
 3. Some APIs on the *AdminMgr* do organization checks, matching the org on the admin role with that on the target.  There are two types of organziations, User and Permission.
 
- For example, de/assignUser(User, Role) will verify that the caller has an ADMIN role with a matching user org unit, *userOU*, on the target role.
+ For example, de/assignUser(User, Role) will verify that the caller has an ADMIN role with a matching user org unit, *userOU*, on the target user.
   
  There is similar check on grant/revokePermission(Role, Permission), where the caller must have activated ADMIN role matching the perm org unit, *permOU*, corresponding with the permission being targeted.
commit	58cc7e424da1373a21c259e78c7bfbc2ebacce2f	[log] [tgz]
author	Shawn McKinney <smckinney@apache.org>	Sat Mar 16 18:22:44 2019 -0500
committer	Shawn McKinney <smckinney@apache.org>	Sat Mar 16 18:22:44 2019 -0500
tree	24a997011522cafc1225d66662bb231f4cd69ae4
parent	16d40532bb98a46236ab16c3e97f779dfdf618a4 [diff]