Hi Sammera, On Thu, May 2, 2013 at 4:20 PM, Sameera Perera <[email protected]> wrote:
> Hi Sanjeewa, > > To me, controlling tier visibility by user group is a tenant level > decision (i.e. to be taken by the tenant admin) and not a super admin level > decision. > Ultimately, the tiers apply to APIs published at the tenant level and that > admin will know which tiers make sense for the APIs and users on his domain. > Make sense? > According to current design we do not keep separate tiers.xmls for each and every tenant and let super admin to define it. Yes i agree with what you suggested but in that case we(super admin) might loose the control of limiting API calls by tiers in tenant level. Thanks. > > > On Thu, May 2, 2013 at 3:56 PM, Sanjeewa Malalgoda <[email protected]>wrote: > >> Hi All, >> Now in API manager all available tiers are visible to all subscribers >> available. In some use cases we may need to limit this visibility. Lets say >> we need to avoid creating APIs with higher limit tiers (to some user >> group). Also we might need to let some users to create APIs with higher >> requests limit. Let say we have 5 tiers which allows users to send 5, 10, >> 20, 100, 1000 requests per given time unit. We need to limit group1 to >> create apis which allows 5, 10 and 20. And also group2 need to access all 5 >> tiers. I think this is valid use case. >> >> I can see 2 ways to do this. >> 01. Add allowed user groups to tier definition and limit visibility at >> publisher based on it. Then tiers definition will contain allowed user >> roles for tier. >> 02. Keep separated mapping of users to tiers and limit visibility at >> publisher based on it. >> >> Things will complicated when it comes to multitenancy. Because these >> policies defined by super admin and stored in super tenant space. So tenant >> users cannot access it and change(tier definitions are common to all >> tenants). And super admin do not know about user groups within tenants. >> WDYT? >> >> Thanks. >> Sanjeewa. >> >> -- >> *Sanjeewa Malalgoda* >> WSO2 Inc. >> Mobile : +14084122175 | +94713068779 >> >> <http://sanjeewamalalgoda.blogspot.com/>blog >> :http://sanjeewamalalgoda.blogspot.com/<http://sanjeewamalalgoda.blogspot.com/> >> >> _______________________________________________ >> Architecture mailing list >> [email protected] >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> >> > > > -- > > ------------------------------ > > *Sameera Perera* > Senior Manager, API Solutions > mobile: +94 772 658 598 > gtalk: [email protected] > *WSO2, Inc.* <http://wso2.com/> > lean.enterprise.middleware > > > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- *Sanjeewa Malalgoda* WSO2 Inc. Mobile : +14084122175 | +94713068779 <http://sanjeewamalalgoda.blogspot.com/>blog :http://sanjeewamalalgoda.blogspot.com/<http://sanjeewamalalgoda.blogspot.com/>
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
