Hi Senaka, Also we cannot create these roles in the default user manager can we ? IMO we shouldn't add asset specific roles to a organization userstore.
Regards, /Nuwan On Tue, Jul 23, 2013 at 3:03 PM, Senaka Fernando <[email protected]> wrote: > Hi Eranda, > > The role per user model did have one major limitation, where if we wanted > to compute who owns (or can edit/view) an Asset, we had to scan through all > users and figure out who's roles include permissions for a particular > asset. OTOH, if the asset did have a permission of its own, its much easier > to compute that information. However, for products like UES, a separate > need of a role-per-user exists, but according to what we discussed during > the Store meeting, this use-case would benefit by having a role-per-asset > model. > > WDYT? > > Thanks, > Senaka. > > > On Tue, Jul 23, 2013 at 2:40 PM, Eranda Sooriyabandara <[email protected]>wrote: > >> Hi Senaka, >> >> >> On Tue, Jul 23, 2013 at 2:17 PM, Senaka Fernando <[email protected]> wrote: >> >>> Hi all, >>> >>> This is WRT, #1725 on Redmine. >>> >>> +++++++++++++++++++++ >>> The idea is to create a special role that gives READ, WRITE, DELETE and >>> AUTHORIZE access to a particular asset making it possible for a particular >>> user or set of users take ownership of it. This thought came up during a >>> WSO2 Store Milestone Planning Meeting, and mimics the functionality of >>> Google Docs. >>> +++++++++++++++++++++ >>> >>> Before going ahead with this, we have a few things to get clarified. >>> >>> 1. How would this role be named? This shouldn't be the name of the >>> Asset itself, because there can be multiple assets by the same name. It >>> even cant be name + namespace (or similar prefix/postfix), because >>> there can be assets that differ by version. So, what's the best way to name >>> it? >>> >> >> Do we need to create a role for each asset? Can't we have a role per user >> which has the ownership details, which may be more scalable if there are >> lots of artifacts. >> >> >>> >>> 2. How should we be displaying this role in the management console? >>> Should it show up just like any other role, or is there some special >>> treatment in the Registry Browser? Since the role and the asset are 1-to-1, >>> we shouldn't be displaying such roles against other assets, which makes it >>> require some special treatment. >>> >> >> Can't we have a new tab "My Resources" under Main -> Resources. >> >> >>> >>> 3. Is it just one such role or more? For instance, G-Docs has three >>> types of privileges when it comes to sharing (i.e. View, Edit, Owner). >>> >> >> We can specify this level of privileges if we have role per user model. >> >> thanks >> Eranda >> >> >>> >>> Appreciate some quick responses on these in order to make it possible >>> for us to ship this with G-Reg 4.6.0, making it available for WSO2 Store >>> etc. >>> >>> Thanks, >>> Senaka. >>> >>> -- >>> * <http://us13.wso2con.com/> >>> * >>> * >>> * >>> *Senaka Fernando* >>> Senior Technical Lead; WSO2 Inc.; http://wso2.com* >>> Member; Apache Software Foundation; http://apache.org >>> >>> E-mail: senaka AT wso2.com >>> **P: +1 408 754 7388; ext: 51736*; *M: +94 77 322 1818 >>> Linked-In: http://linkedin.com/in/senakafernando >>> >>> *Lean . Enterprise . Middleware >>> >>> _______________________________________________ >>> Architecture mailing list >>> [email protected] >>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>> >>> >> >> >> -- >> *Eranda Sooriyabandara >> *Senior Software Engineer; >> Integration Technologies Team; >> WSO2 Inc.; http://wso2.com >> Lean . Enterprise . Middleware >> >> E-mail: eranda AT wso2.com >> Mobile: +94 716 472 816 >> Linked-In: http://www.linkedin.com/in/erandasooriyabandara >> Blog: http://emsooriyabandara.blogspot.com/ >> >> >> >> * >> * >> >> _______________________________________________ >> Architecture mailing list >> [email protected] >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> >> > > > -- > * <http://us13.wso2con.com/> > * > * > * > *Senaka Fernando* > Senior Technical Lead; WSO2 Inc.; http://wso2.com* > Member; Apache Software Foundation; http://apache.org > > E-mail: senaka AT wso2.com > **P: +1 408 754 7388; ext: 51736*; *M: +94 77 322 1818 > Linked-In: http://linkedin.com/in/senakafernando > > *Lean . Enterprise . Middleware > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- *Thanks & Regards, Nuwan Bandara Technical Lead; **WSO2 Inc. * *lean . enterprise . middleware | http://wso2.com * *blog : http://nuwanbando.com; email: [email protected]; phone: +94 11 763 9629 * <http://www.nuwanbando.com/>
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
