Hi Johann, Once you login using CAAS (carbon authentication and authorization service) > components you will get a CAAS User object [1]. This User object is a proxy > object which can be used to call all the underlying identity store and > authorization store methods. Ideally you will store this User object in the > user's logged in session and perform those operations when necessary. > > [1] https://github.com/wso2/carbon-security/blob/release-1.0 > .0-m2/components/org.wso2.carbon.security.caas/src/main/java > /org/wso2/carbon/security/caas/user/core/bean/User.java > This means that we need to store the User object in the UUF session. In order to that the User class needs to be serializable. However User class does not implements Serializable interface.
On Wed, Jan 4, 2017 at 3:13 PM, Tanya Madurapperuma <[email protected]> wrote: > Hi Dilan, > > On Wed, Jan 4, 2017 at 2:48 PM, Dilan Udara Ariyaratne <[email protected]> > wrote: > >> Hi Tania, >> >> Are we going to keep one dashboard permission or multiple ? The reason >> that I am asking this is if we can allow multiple, we can >> separate out access for critical functions like dashboard view, edit and >> manage via those permissions. >> > As explained offline each dashboard will have its own permission for view > , edit/ update, delete. The only difference in this with the previous > versions is that instead of the role we will use permissions. > >> >> Also, have you looked into the scenario of restricting access of >> dashboards for different users ? >> > A permission is resource + action. So we can restrict access with the > permission. > >> AFAIU, it's only by having multiple permissions, we can do this. >> > > Thanks, > Tanya > >> >> Cheers, >> Dilan. >> >> *Dilan U. Ariyaratne* >> Senior Software Engineer >> WSO2 Inc. <http://wso2.com/> >> Mobile: +94766405580 <%2B94766405580> >> lean . enterprise . middleware >> >> >> On Wed, Jan 4, 2017 at 1:56 PM, Johann Nallathamby <[email protected]> >> wrote: >> >>> >>> >>> On Wed, Jan 4, 2017 at 1:04 PM, Nipuna Chandradasa <[email protected]> >>> wrote: >>> >>>> [+adding Sajith] >>>> Please find the my questions and suggestions in line.... >>>> >>>>> >>>>>>> Based on the above model we have following questions. >>>>>>> 1. How can we call the isAuthorized method from dashboard component ? >>>>>>> >>>>>> >>>> Isn't this isAuthorized method should be exposed through UUF as >>>> dashboard component is basically a UUF component? It might not be good to >>>> expose a such a functionality through a UI framework but it'll be lot >>>> cleaner than invoking a OSGI service inside our component. >>>> >>> >>> Once you login using CAAS (carbon authentication and authorization >>> service) components you will get a CAAS User object [1]. This User object >>> is a proxy object which can be used to call all the underlying identity >>> store and authorization store methods. Ideally you will store this User >>> object in the user's logged in session and perform those operations when >>> necessary. >>> >>> [1] https://github.com/wso2/carbon-security/blob/release-1.0 >>> .0-m2/components/org.wso2.carbon.security.caas/src/main/java >>> /org/wso2/carbon/security/caas/user/core/bean/User.java >>> >>> Regards, >>> Johann. >>> >>> >>> >>>> >>>> >>>>> 2. Is there any standard / approval process for permission strings ? >>>>>>> >>>>>> 3. How should we register the permissions dynamically at the time of >>>>>>> creating a dashboard? >>>>>>> >>>>>>> Appreciate your insight. >>>>>>> >>>>>> >>>>>> >>>> Thank you, >>>> >>>> -- >>>> Nipuna Marcus >>>> *Software Engineer* >>>> WSO2 Inc. >>>> http://wso2.com/ - "lean . enterprise . middleware" >>>> Mobile : +94 (0) 713 667906 <+94%2071%20366%207906> >>>> [email protected] >>>> >>> >>> >>> >>> -- >>> Thanks & Regards, >>> >>> *Johann Dilantha Nallathamby* >>> Technical Lead & Product Lead of WSO2 Identity Server >>> Governance Technologies Team >>> WSO2, Inc. >>> lean.enterprise.middleware >>> >>> Mobile - *+94777776950* >>> Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>* >>> >>> _______________________________________________ >>> Architecture mailing list >>> [email protected] >>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>> >>> >> >> _______________________________________________ >> Architecture mailing list >> [email protected] >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> >> > > > -- > Tanya Madurapperuma > > Senior Software Engineer, > WSO2 Inc. : wso2.com > Mobile : +94718184439 <+94%2071%20818%204439> > Blog : http://tanyamadurapperuma.blogspot.com > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- Sajith Janaprasad Ariyarathna Software Engineer; WSO2, Inc.; http://wso2.com/ <https://wso2.com/signature>
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
