Hi, On Thu, Jun 9, 2016 at 12:43 PM, Nisala Nanayakkara <[email protected]> wrote:
> Hi Sinthuja, > > This email is to clarify several issues regarding this feature. Up-to now > I have created a four internal roles as above. All these four roles are > assigned to the user who created the dashboard initially. If we want to > give specific permission to another user, we can assign appropriate role to > that user. As an example if we want to give access to the settings page to > a user, we can assign appropriate role to that user. > > But lets think that we have to give access to settings page of dashboard X > for all the users who have role A. Then how can we achieve that use-case > here ? Are we going to the add UI configuration in settings page as for > editor and viewer ? Otherwise we have to go through all the users who have > role A and assign them with the dashboard X settings role using carbon > management console. > We thought of adding this to the UI because there can be use cases where we want to give the settings/delete permission to an already existing role in the LDAP. > Another suggestion from me, Shall we create a single role called 'owner' > by merging settings role and delete role as manuranga mentioned ? > +1 If a user has delete role, then I don't see any necessity in restricting him accessing the settings page. Thanks, Tanya > > Thanks, > Nisala > > On Tue, Jun 7, 2016 at 9:15 PM, Manuranga Perera <[email protected]> wrote: > >> If we want to model with the permissions then we should be able to add >>> the permissions dynamically, but this is not possible with current carbon - >>> 4.x. And as I have mentioned above, this cannot be included in the global >>> level as well, because having a settings or delete privileges for dashboard >>> - X, doesn't mean you have the same privileges for dashboard - Y. And hence >>> we thought of going with roles approach for this one as well. I agree, the >>> role names for settings and delete is bit odd, we need to come up with >>> proper names for those. :) >>> >> >> I think it is possible to dynamically create any permissions via the API >> even in C4 >> >> 2) Does "settings" make sense, because if you are an editor, anyway >>>> you'll have full access to the JSON, don't you? >>> >>> In settings you have the full privileges, ie, you can even remove the >>> user who initially created the dashboard, IMHO it provides the full control >>> of the dashboard. Designer doesn't have such privileges, he/she can only >>> add/remove gadgets, pages etc which is related to designing the dashboard. >>> Therefore we need to have a different role to control the access of the >>> settings page. >> >> >> We may call this "Owners"? >> >> -- >> With regards, >> *Manu*ranga Perera. >> >> phone : 071 7 70 20 50 >> mail : [email protected] >> >> _______________________________________________ >> Architecture mailing list >> [email protected] >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> >> > > > -- > *Nisala Niroshana Nanayakkara,* > Software Engineer > Mobile:(+94)717600022 > WSO2 Inc., http://wso2.com/ > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- Tanya Madurapperuma Senior Software Engineer, WSO2 Inc. : wso2.com Mobile : +94718184439 Blog : http://tanyamadurapperuma.blogspot.com
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
