Hi Eranda, The role per user model did have one major limitation, where if we wanted to compute who owns (or can edit/view) an Asset, we had to scan through all users and figure out who's roles include permissions for a particular asset. OTOH, if the asset did have a permission of its own, its much easier to compute that information. However, for products like UES, a separate need of a role-per-user exists, but according to what we discussed during the Store meeting, this use-case would benefit by having a role-per-asset model.
WDYT? Thanks, Senaka. On Tue, Jul 23, 2013 at 2:40 PM, Eranda Sooriyabandara <[email protected]>wrote: > Hi Senaka, > > > On Tue, Jul 23, 2013 at 2:17 PM, Senaka Fernando <[email protected]> wrote: > >> Hi all, >> >> This is WRT, #1725 on Redmine. >> >> +++++++++++++++++++++ >> The idea is to create a special role that gives READ, WRITE, DELETE and >> AUTHORIZE access to a particular asset making it possible for a particular >> user or set of users take ownership of it. This thought came up during a >> WSO2 Store Milestone Planning Meeting, and mimics the functionality of >> Google Docs. >> +++++++++++++++++++++ >> >> Before going ahead with this, we have a few things to get clarified. >> >> 1. How would this role be named? This shouldn't be the name of the Asset >> itself, because there can be multiple assets by the same name. It even >> cant be name + namespace (or similar prefix/postfix), because there can >> be assets that differ by version. So, what's the best way to name it? >> > > Do we need to create a role for each asset? Can't we have a role per user > which has the ownership details, which may be more scalable if there are > lots of artifacts. > > >> >> 2. How should we be displaying this role in the management console? >> Should it show up just like any other role, or is there some special >> treatment in the Registry Browser? Since the role and the asset are 1-to-1, >> we shouldn't be displaying such roles against other assets, which makes it >> require some special treatment. >> > > Can't we have a new tab "My Resources" under Main -> Resources. > > >> >> 3. Is it just one such role or more? For instance, G-Docs has three types >> of privileges when it comes to sharing (i.e. View, Edit, Owner). >> > > We can specify this level of privileges if we have role per user model. > > thanks > Eranda > > >> >> Appreciate some quick responses on these in order to make it possible for >> us to ship this with G-Reg 4.6.0, making it available for WSO2 Store etc. >> >> Thanks, >> Senaka. >> >> -- >> * <http://us13.wso2con.com/> >> * >> * >> * >> *Senaka Fernando* >> Senior Technical Lead; WSO2 Inc.; http://wso2.com* >> Member; Apache Software Foundation; http://apache.org >> >> E-mail: senaka AT wso2.com >> **P: +1 408 754 7388; ext: 51736*; *M: +94 77 322 1818 >> Linked-In: http://linkedin.com/in/senakafernando >> >> *Lean . Enterprise . Middleware >> >> _______________________________________________ >> Architecture mailing list >> [email protected] >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> >> > > > -- > *Eranda Sooriyabandara > *Senior Software Engineer; > Integration Technologies Team; > WSO2 Inc.; http://wso2.com > Lean . Enterprise . Middleware > > E-mail: eranda AT wso2.com > Mobile: +94 716 472 816 > Linked-In: http://www.linkedin.com/in/erandasooriyabandara > Blog: http://emsooriyabandara.blogspot.com/ > > > > * > * > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- * <http://us13.wso2con.com/> * * * *Senaka Fernando* Senior Technical Lead; WSO2 Inc.; http://wso2.com* Member; Apache Software Foundation; http://apache.org E-mail: senaka AT wso2.com **P: +1 408 754 7388; ext: 51736*; *M: +94 77 322 1818 Linked-In: http://linkedin.com/in/senakafernando *Lean . Enterprise . Middleware
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
