Hi Dilan, On Wed, Jan 4, 2017 at 2:48 PM, Dilan Udara Ariyaratne <[email protected]> wrote:
> Hi Tania, > > Are we going to keep one dashboard permission or multiple ? The reason > that I am asking this is if we can allow multiple, we can > separate out access for critical functions like dashboard view, edit and > manage via those permissions. > As explained offline each dashboard will have its own permission for view , edit/ update, delete. The only difference in this with the previous versions is that instead of the role we will use permissions. > > Also, have you looked into the scenario of restricting access of > dashboards for different users ? > A permission is resource + action. So we can restrict access with the permission. > AFAIU, it's only by having multiple permissions, we can do this. > Thanks, Tanya > > Cheers, > Dilan. > > *Dilan U. Ariyaratne* > Senior Software Engineer > WSO2 Inc. <http://wso2.com/> > Mobile: +94766405580 <%2B94766405580> > lean . enterprise . middleware > > > On Wed, Jan 4, 2017 at 1:56 PM, Johann Nallathamby <[email protected]> > wrote: > >> >> >> On Wed, Jan 4, 2017 at 1:04 PM, Nipuna Chandradasa <[email protected]> >> wrote: >> >>> [+adding Sajith] >>> Please find the my questions and suggestions in line.... >>> >>>> >>>>>> Based on the above model we have following questions. >>>>>> 1. How can we call the isAuthorized method from dashboard component ? >>>>>> >>>>> >>> Isn't this isAuthorized method should be exposed through UUF as >>> dashboard component is basically a UUF component? It might not be good to >>> expose a such a functionality through a UI framework but it'll be lot >>> cleaner than invoking a OSGI service inside our component. >>> >> >> Once you login using CAAS (carbon authentication and authorization >> service) components you will get a CAAS User object [1]. This User object >> is a proxy object which can be used to call all the underlying identity >> store and authorization store methods. Ideally you will store this User >> object in the user's logged in session and perform those operations when >> necessary. >> >> [1] https://github.com/wso2/carbon-security/blob/release-1. >> 0.0-m2/components/org.wso2.carbon.security.caas/src/main/jav >> a/org/wso2/carbon/security/caas/user/core/bean/User.java >> >> Regards, >> Johann. >> >> >> >>> >>> >>>> 2. Is there any standard / approval process for permission strings ? >>>>>> >>>>> 3. How should we register the permissions dynamically at the time of >>>>>> creating a dashboard? >>>>>> >>>>>> Appreciate your insight. >>>>>> >>>>> >>>>> >>> Thank you, >>> >>> -- >>> Nipuna Marcus >>> *Software Engineer* >>> WSO2 Inc. >>> http://wso2.com/ - "lean . enterprise . middleware" >>> Mobile : +94 (0) 713 667906 <+94%2071%20366%207906> >>> [email protected] >>> >> >> >> >> -- >> Thanks & Regards, >> >> *Johann Dilantha Nallathamby* >> Technical Lead & Product Lead of WSO2 Identity Server >> Governance Technologies Team >> WSO2, Inc. >> lean.enterprise.middleware >> >> Mobile - *+94777776950* >> Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>* >> >> _______________________________________________ >> Architecture mailing list >> [email protected] >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> >> > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- Tanya Madurapperuma Senior Software Engineer, WSO2 Inc. : wso2.com Mobile : +94718184439 Blog : http://tanyamadurapperuma.blogspot.com
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
