Hi Tanya, Small question.
On Wed, Jan 4, 2017 at 10:43 AM, Tanya Madurapperuma <ta...@wso2.com> wrote: > Hi IS Team and all, > > Purpose of this mail is to discuss about $ Subject. > > There are two main artifact types associated with the dashboard component; > Dashboards and Widgets. > > *Widgets* > According to the current implementation a widget can be an UUF fragment or > an UUF component. > So the plan is to have permission info for each widget in a config > yaml/json file which will be stored in the file system. > > *Dashboards* > With the previous versions of Dashboard Server we used the role based > model instead of permission model due to limitations in creating > permissions dynamically in C4. > Since this limitation is not there in C5 (@ IS team : please correct me if > I am wrong), for dashboards also we will go with the permission model. > Dashboard permission will be stored in the dashboard json file in the file > system for predefined dashboards. If there is any change in the dashboard > json file, it will be stored in the database. > In that case also can't we update the dashboard.json in the file system directly? IMHO having the same artefact both in file system, and database will bring problems of syncing, and I think it's better to have one config storage. > > So from the dashboard components POV, we will consider that dashboard > components knows the principle. > And there will be an isAuthorized method provided from identity end where > we can pass the resource and action to validate whether the logged in user > is authorized for that particular action. > > Based on the above model we have following questions. > 1. How can we call the isAuthorized method from dashboard component ? > 2. Is there any standard / approval process for permission strings ? > 3. How should we register the permissions dynamically at the time of > creating a dashboard? > > Appreciate your insight. > > Thanks, > Tanya > > -- > Tanya Madurapperuma > > Senior Software Engineer, > WSO2 Inc. : wso2.com > Mobile : +94718184439 <071%20818%204439> > Blog : http://tanyamadurapperuma.blogspot.com > -- *Sinthuja Rajendran* Technical Lead WSO2, Inc.:http://wso2.com Blog: http://sinthu-rajan.blogspot.com/ Mobile: +94774273955
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
