Hi Srinath, My opinion is, individual users should able to write queries to DAS directly as well. So I think, we require user support in DAS level.
Thanks On Mon, Mar 28, 2016 at 2:43 PM, Srinath Perera <[email protected]> wrote: > Hi Ayyoob, Ruwan, Suho, > > I think where to handle ( within DAS vs. at higher level API in APIM or > IoT server) is decided by what level user customizations are needed for > analytics queries. > > If we need individual users to write their own queries as well, then we > need to build user support into DAS. However, if queries can be changed by > tenant admins only, doing this via a high-level API is OK. > > Where does APIM and IoT server stands on this? > > --Srinath > > > > On Sat, Mar 26, 2016 at 9:28 AM, Ayyoob Hamza <[email protected]> wrote: > > > > Hi, > > Yes we require user level separation but just wondered whether we need > this separation in DAS level or whether can we enforce it device type API > level. This is because IMO, DAS provides a low level API which we cannot > expose it directly so we need a proxy that maps this to a high level API to > expose the data. So wondered whether can we do the restriction in the high > level API endpoint. However if the user level separation is required across > products such as APIM then I guess the separation should be in the DAS > level. > > > > Further just wanted to bring another concern that we have, we have a > requirement on device sharing so what this mean is that we can share the > data of a device to another, which means a drill down permission model, > where the separation would be in user, device level(eg: Does the user X has > permission to view the data of the device d of user Y). So in this case I > wonder whether this needs to be handled in DAS level? rather I see that it > needs to be handled in the high level API that we provide to expose the > data. > > > > Thanks > > > > > > Ayyoob Hamza > > Software Engineer > > WSO2 Inc.; http://wso2.com > > email: [email protected] cell: +94 77 1681010 > > > > On Sat, Mar 26, 2016 at 1:03 AM, Ruwan Yatawara <[email protected]> wrote: > >> > >> Hi Suho, > >> > >> Yes, you are right. We require user level isolation in IoT Server. > >> > >> Thanks and Regards, > >> > >> Ruwan Yatawara > >> > >> Senior Software Engineer, > >> WSO2 Inc. > >> > >> email : [email protected] > >> mobile : +94 77 9110413 > >> blog : http://ruwansrants.blogspot.com/ > >> www: :http://wso2.com > >> > >> > >> On Fri, Mar 25, 2016 at 11:55 PM, Sriskandarajah Suhothayan < > [email protected]> wrote: > >>> > >>> Hi > >>> > >>> User level isolation is needed for the IoT server, as in the IoT > server context user registers a device and use that, hence he/she should > only be able to see his/her devices and not any other users devices or > data. > >>> > >>> @Pabath & Sumedha correct me if I'm wrong. > >>> > >>> Regards > >>> Suho > >>> > >>> On Fri, Mar 25, 2016 at 9:02 AM, Srinath Perera <[email protected]> > wrote: > >>>> > >>>> For the data published from APIM and IoT servers, what kind of > isolation do we need? > >>>> > >>>> Option 1: Tenant level - DAS already has this. However, this means > that multiple users (e.g. publishers, subscribers, or IoT users) can see > other people's stats of they are in the same tenant > >>>> > >>>> Option 2: User level - DAS does not have this concept yet. > >>>> > >>>> Also a related question is that if user add their own queries, at > what level they are isolated. > >>>> > >>>> --Srinath > >>>> > >>>> -- > >>>> ============================ > >>>> Blog: http://srinathsview.blogspot.com twitter:@srinath_perera > >>>> Site: http://home.apache.org/~hemapani/ > >>>> Photos: http://www.flickr.com/photos/hemapani/ > >>>> Phone: 0772360902 > >>> > >>> > >>> > >>> > >>> -- > >>> S. Suhothayan > >>> Technical Lead & Team Lead of WSO2 Complex Event Processor > >>> WSO2 Inc. http://wso2.com > >>> lean . enterprise . middleware > >>> > >>> cell: (+94) 779 756 757 | blog: http://suhothayan.blogspot.com/ > >>> twitter: http://twitter.com/suhothayan | linked-in: > http://lk.linkedin.com/in/suhothayan > >>> > >>> _______________________________________________ > >>> Architecture mailing list > >>> [email protected] > >>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > >>> > >> > >> > >> _______________________________________________ > >> Architecture mailing list > >> [email protected] > >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > >> > > > > > > _______________________________________________ > > Architecture mailing list > > [email protected] > > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > > > > > -- > ============================ > Blog: http://srinathsview.blogspot.com twitter:@srinath_perera > Site: http://home.apache.org/~hemapani/ > Photos: http://www.flickr.com/photos/hemapani/ > Phone: 0772360902 > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- Geesara Prathap Kulathunga Software Engineer WSO2 Inc; http://wso2.com Mobile : +940772684174
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
