What is the requirement to have per dashboard permission model. What if we go with only four roles (global). I think in Api manager we can edit one api created by one user, by some other user (having create permissions). We can limit acess by tenant level. Will something like that works here.
On Tue, Jun 7, 2016 at 2:38 PM, Nisala Nanayakkara <[email protected]> wrote: > Hi Udara, > > Since these are internal roles, they are not stored in LDAP. So it will > work fine. > > Thanks, > Nisala > > On Tue, Jun 7, 2016 at 10:57 AM, Udara Rathnayake <[email protected]> wrote: > >> Another question, Is this going to work if we have to connect to a >> read-only LDAP/A >> D >> userstore? >> >> On Tue, Jun 7, 2016 at 9:43 AM, Tanya Madurapperuma <[email protected]> >> wrote: >> >>> Is this model scalable? Because per dashboard we will have to create 4 >>> internal roles. So if we have N number of dashboards we will end up having >>> 4 * N number of internal roles. >>> >>> @ IS team : is this approach fine? Or is there any better approach? >>> >>> Thanks, >>> Tanya >>> >>> On Mon, Jun 6, 2016 at 3:44 PM, Nisala Nanayakkara <[email protected]> >>> wrote: >>> >>>> adding Johan and Manuranga >>>> >>>> Thanks, >>>> Nisala >>>> >>>> On Mon, Jun 6, 2016 at 3:41 PM, Nisala Nanayakkara <[email protected]> >>>> wrote: >>>> >>>>> Hi all, >>>>> >>>>> I am working on implementing an access levels model for WSO2 Dashboard >>>>> Server. Currently global permission model for create/delete/login is >>>>> implemented by Megala. Since it does not support to provide per dashboard >>>>> level access for the users. I am going to extend it and implement a >>>>> permission model that can be used to provide per dashboard level access >>>>> for >>>>> the users. >>>>> >>>>> In order to implement this feature, I am going to add four roles at >>>>> dashboard creation time as follows, >>>>> >>>>> - internal/dashboard/{dashboardID}/editor >>>>> - internal/dashboard/{dashboardID}/viewer >>>>> - internal/dashboard/{dashboardID}/settings >>>>> - internal/dashboard/{dashboardID}/delete >>>>> >>>>> At the dashboard creation time, the user who creates the dashboard >>>>> will get all the four roles. But other users have to get above roles to do >>>>> appropriate actions to the dashboard. So that we can set above four roles >>>>> for the users and They will be given different access levels according to >>>>> their roles. >>>>> >>>>> Please feel free to give any feedback. >>>>> >>>>> Thanks, >>>>> Nisala >>>>> -- >>>>> *Nisala Niroshana Nanayakkara,* >>>>> Software Engineer >>>>> Mobile:(+94)717600022 >>>>> WSO2 Inc., http://wso2.com/ >>>>> >>>> >>>> >>>> >>>> -- >>>> *Nisala Niroshana Nanayakkara,* >>>> Software Engineer >>>> Mobile:(+94)717600022 >>>> WSO2 Inc., http://wso2.com/ >>>> >>> >>> >>> >>> -- >>> Tanya Madurapperuma >>> >>> Senior Software Engineer, >>> WSO2 Inc. : wso2.com >>> Mobile : +94718184439 >>> Blog : http://tanyamadurapperuma.blogspot.com >>> >> >> >> >> -- >> Regards, >> UdaraR >> > > > > -- > *Nisala Niroshana Nanayakkara,* > Software Engineer > Mobile:(+94)717600022 > WSO2 Inc., http://wso2.com/ > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- *Susinda Perera* Software Engineer B.Sc.(Eng), M.Sc(Computer Science), AMIE(SL) Mobile:(+94)716049075 Blog: susinda.blogspot.com WSO2 Inc. http://wso2.com/ Tel : 94 11 214 5345 Fax :94 11 2145300
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
