On Mon, Dec 18, 2017 at 5:21 AM, Fazlan Nazeem <fazl...@wso2.com> wrote:
> Hi Sam, > > Are we planning to change the ownership of the generated application token > owner as well? i.e AUTHZ_USER of the token and USERNAME of Oauth App in > the DB tables. Otherwise, for analytics, these changes wouldn't be > reflected right? > Well, tokens are owned by end users. So I don't think its right to change the ownership of tokens which are already created. But we probably check how to change the ownership of the OAuth app (SP). > > On Mon, Dec 18, 2017 at 8:21 AM, Prasanna Dangalla <prasa...@wso2.com> > wrote: > >> Hi Sam, >> >> +1 to have the new scope app_manage. >> >> On Mon, Dec 18, 2017 at 7:59 AM Sam Sivayogam <s...@wso2.com> wrote: >> >>> On Sun, Dec 17, 2017 at 1:22 PM, Malintha Amarasinghe < >>> malint...@wso2.com> wrote: >>> >>>> Hi Sam, >>>> >>>> This overall looks good to me. Added few inline comments. >>>> >>>> On Sun, Dec 17, 2017 at 6:26 AM, Sam Sivayogam <s...@wso2.com> wrote: >>>> >>>>> Hi All, >>>>> >>>>> As discussed in mail thread[1] we had a requirement to add an API >>>>> which allows to change the owner of a created application. During the >>>>> initial discussions we decided to add this api to the existing admin REST >>>>> APIs. >>>>> After going through the APIs I thought to add below 2 resources. >>>>> >>>>> >>>>> 1. The following GET resource will list all the apis created by the >>>>> given user. This will be same as the store application listing API but >>>>> lists application for the given username rather than listing the >>>>> applications created user associated with the provided access token. >>>>> >>>>> This will return the >>>>> GET /applications >>>>> >>>>> Parameters >>>>> query username >>>>> >>>> >>>> As a usual practice it is better not to mandate username as it is a >>>> query parameter. One option is, if it is not provided, we get the user from >>>> the access token. Even if it is sligtly bad that it make not sometimes make >>>> sense to get store applications of an admin user, I think it is better than >>>> fully mandating the query param and giving an error if user does not >>>> provide it. >>>> >>> +1 for this approach >>> >>>> >>>> >>>>> >>>>> >>>>> Sample Response : >>>>> { >>>>> "count": 2, >>>>> "next": "", >>>>> "previous": "", >>>>> "list": [ >>>>> { >>>>> "applicationId": "b16ce8d0-5e0b-4259-96e2-68151cc92489", >>>>> "name": "AppX", >>>>> "subscriber": "admin", >>>>> "throttlingTier": "Unlimited", >>>>> "description": "", >>>>> "status": "APPROVED", >>>>> "groupId": "" >>>>> }, >>>>> { >>>>> "applicationId": "aac0df98-8e26-4dda-b0ba-d794c98249c2", >>>>> "name": "AppY", >>>>> "subscriber": "admin", >>>>> "throttlingTier": "Unlimited", >>>>> "description": null, >>>>> "status": "APPROVED", >>>>> "groupId": "" >>>>> } >>>>> ] >>>>> } >>>>> >>>>> >>>>> 2. Following POST Resource is similar to the one we have for lifecycle >>>>> change. This will change the owner of the given application >>>>> >>>> In 3.0.0, we have slighly change the format of similar queries. For ex: >>>> >>>> '/applications/{applicationId}/map-keys': >>>> >>>> instead of using >>>> >>>> '/applications/map-keys?applicationId=<id>': >>>> >>>> Since this is a new API in admin, I think first approach is better as >>>> that is the approach we will be following most of the time for 3.0.0 and >>>> there will be less amount of API changes for a user migrating from 2.x to >>>> 3.0.0 >>>> >>> Will follow the first approach. >>> >>>> >>>> >>>> >>>> On Sun, Dec 17, 2017 at 1:12 PM, Godwin Shrimal <god...@wso2.com> wrot >>>> e: >>>> >>>>> Hi Sam, >>>>> >>>>> Who can change the owner of the application? >>>>> >>>> >>>> *@Godwin*, I think we will be defining a new scope for the API which >>>> can only be retrieved from an admin user. *@Sam* will we do that? >>>> >>> yes thought of having a separate scope like apim:app_manage >>> >>>> >>>> >>>>> >>>>> Thanks >>>>> Godwin >>>>> >>>> >>>> >>>> Thanks! >>>> Malintha >>>> >>>> POST /applications/change-owner >>>>> >>>>> Parameters >>>>> query application UUID >>>>> query newOwner >>>>> >>>>> Sample Response : >>>>> >>>>> { >>>>> "applicationId": "6edcac5e-4df3-42fe-8a21-07c114085bcb", >>>>> "name": "AppY", >>>>> "subscriber": "newOwner", >>>>> "throttlingTier": "Unlimited", >>>>> "callbackUrl": null, >>>>> "description": "", >>>>> "status": "APPROVED", >>>>> "groupId": "" >>>>> } >>>>> >>>>> Please let me know your thoughts on this. >>>>> >>>>> [1] Application Sharing support for Multiple Groups >>>>> >>>>> Thanks, >>>>> Sam >>>>> >>>>> >>>>> -- >>>>> *Sam Sivayogam* >>>>> >>>>> Senior Software Engineer >>>>> Mobile : +94 772 906 439 >>>>> Office : +94 112 145 345 >>>>> *WSO2, Inc. :** wso2.com <http://wso2.com/>* >>>>> lean.enterprise.middleware. >>>>> >>>> >>>> >>>> >>>> -- >>>> Malintha Amarasinghe >>>> *WSO2, Inc. - lean | enterprise | middleware* >>>> http://wso2.com/ >>>> >>>> Mobile : +94 712383306 <+94%2071%20238%203306> >>>> >>> >>> >>> >>> -- >>> *Sam Sivayogam* >>> >>> Senior Software Engineer >>> Mobile : +94 772 906 439 >>> Office : +94 112 145 345 >>> *WSO2, Inc. :** wso2.com <http://wso2.com/>* >>> lean.enterprise.middleware. >>> >> -- >> *Prasanna Dangalla* >> Senior Software Engineer, WSO2, Inc.; http://wso2.com/ >> lean.enterprise.middleware >> >> >> *cell: +94 718 11 27 51* >> *twitter: @prasa77* >> > > > > -- > Thanks & Regards, > > *Fazlan Nazeem* > Senior Software Engineer > WSO2 Inc > Mobile : +94772338839 > <%2B94%20%280%29%20773%20451194> > fazl...@wso2.com > -- Nuwan Dias Software Architect - WSO2, Inc. http://wso2.com email : nuw...@wso2.com Phone : +94 777 775 729
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture