On Wed, Dec 20, 2017 at 4:56 AM, Shazni Nazeer <[email protected]> wrote:
> Will this also be supported via the store UI? > No, this will be a privileged operation with very less usage. Which doesn't make it useful to have it on the Store UI. > > On Sun, Dec 17, 2017 at 10:34 PM, Nuwan Dias <[email protected]> wrote: > >> >> >> On Mon, Dec 18, 2017 at 5:21 AM, Fazlan Nazeem <[email protected]> wrote: >> >>> Hi Sam, >>> >>> Are we planning to change the ownership of the generated application >>> token owner as well? i.e AUTHZ_USER of the token and USERNAME of Oauth >>> App in the DB tables. Otherwise, for analytics, these changes wouldn't be >>> reflected right? >>> >> >> Well, tokens are owned by end users. So I don't think its right to change >> the ownership of tokens which are already created. But we probably check >> how to change the ownership of the OAuth app (SP). >> >>> >>> On Mon, Dec 18, 2017 at 8:21 AM, Prasanna Dangalla <[email protected]> >>> wrote: >>> >>>> Hi Sam, >>>> >>>> +1 to have the new scope app_manage. >>>> >>>> On Mon, Dec 18, 2017 at 7:59 AM Sam Sivayogam <[email protected]> wrote: >>>> >>>>> On Sun, Dec 17, 2017 at 1:22 PM, Malintha Amarasinghe < >>>>> [email protected]> wrote: >>>>> >>>>>> Hi Sam, >>>>>> >>>>>> This overall looks good to me. Added few inline comments. >>>>>> >>>>>> On Sun, Dec 17, 2017 at 6:26 AM, Sam Sivayogam <[email protected]> wrote: >>>>>> >>>>>>> Hi All, >>>>>>> >>>>>>> As discussed in mail thread[1] we had a requirement to add an API >>>>>>> which allows to change the owner of a created application. During the >>>>>>> initial discussions we decided to add this api to the existing admin >>>>>>> REST >>>>>>> APIs. >>>>>>> After going through the APIs I thought to add below 2 resources. >>>>>>> >>>>>>> >>>>>>> 1. The following GET resource will list all the apis created by the >>>>>>> given user. This will be same as the store application listing API but >>>>>>> lists application for the given username rather than listing the >>>>>>> applications created user associated with the provided access token. >>>>>>> >>>>>>> This will return the >>>>>>> GET /applications >>>>>>> >>>>>>> Parameters >>>>>>> query username >>>>>>> >>>>>> >>>>>> As a usual practice it is better not to mandate username as it is a >>>>>> query parameter. One option is, if it is not provided, we get the user >>>>>> from >>>>>> the access token. Even if it is sligtly bad that it make not sometimes >>>>>> make >>>>>> sense to get store applications of an admin user, I think it is better >>>>>> than >>>>>> fully mandating the query param and giving an error if user does not >>>>>> provide it. >>>>>> >>>>> +1 for this approach >>>>> >>>>>> >>>>>> >>>>>>> >>>>>>> >>>>>>> Sample Response : >>>>>>> { >>>>>>> "count": 2, >>>>>>> "next": "", >>>>>>> "previous": "", >>>>>>> "list": [ >>>>>>> { >>>>>>> "applicationId": "b16ce8d0-5e0b-4259-96e2-68151cc92489", >>>>>>> "name": "AppX", >>>>>>> "subscriber": "admin", >>>>>>> "throttlingTier": "Unlimited", >>>>>>> "description": "", >>>>>>> "status": "APPROVED", >>>>>>> "groupId": "" >>>>>>> }, >>>>>>> { >>>>>>> "applicationId": "aac0df98-8e26-4dda-b0ba-d794c98249c2", >>>>>>> "name": "AppY", >>>>>>> "subscriber": "admin", >>>>>>> "throttlingTier": "Unlimited", >>>>>>> "description": null, >>>>>>> "status": "APPROVED", >>>>>>> "groupId": "" >>>>>>> } >>>>>>> ] >>>>>>> } >>>>>>> >>>>>>> >>>>>>> 2. Following POST Resource is similar to the one we have for >>>>>>> lifecycle change. This will change the owner of the given application >>>>>>> >>>>>> In 3.0.0, we have slighly change the format of similar queries. For >>>>>> ex: >>>>>> >>>>>> '/applications/{applicationId}/map-keys': >>>>>> >>>>>> instead of using >>>>>> >>>>>> '/applications/map-keys?applicationId=<id>': >>>>>> >>>>>> Since this is a new API in admin, I think first approach is better as >>>>>> that is the approach we will be following most of the time for 3.0.0 and >>>>>> there will be less amount of API changes for a user migrating from 2.x to >>>>>> 3.0.0 >>>>>> >>>>> Will follow the first approach. >>>>> >>>>>> >>>>>> >>>>>> >>>>>> On Sun, Dec 17, 2017 at 1:12 PM, Godwin Shrimal <[email protected]> >>>>>> wrote: >>>>>> >>>>>>> Hi Sam, >>>>>>> >>>>>>> Who can change the owner of the application? >>>>>>> >>>>>> >>>>>> *@Godwin*, I think we will be defining a new scope for the API which >>>>>> can only be retrieved from an admin user. *@Sam* will we do that? >>>>>> >>>>> yes thought of having a separate scope like apim:app_manage >>>>> >>>>>> >>>>>> >>>>>>> >>>>>>> Thanks >>>>>>> Godwin >>>>>>> >>>>>> >>>>>> >>>>>> Thanks! >>>>>> Malintha >>>>>> >>>>>> POST /applications/change-owner >>>>>>> >>>>>>> Parameters >>>>>>> query application UUID >>>>>>> query newOwner >>>>>>> >>>>>>> Sample Response : >>>>>>> >>>>>>> { >>>>>>> "applicationId": "6edcac5e-4df3-42fe-8a21-07c114085bcb", >>>>>>> "name": "AppY", >>>>>>> "subscriber": "newOwner", >>>>>>> "throttlingTier": "Unlimited", >>>>>>> "callbackUrl": null, >>>>>>> "description": "", >>>>>>> "status": "APPROVED", >>>>>>> "groupId": "" >>>>>>> } >>>>>>> >>>>>>> Please let me know your thoughts on this. >>>>>>> >>>>>>> [1] Application Sharing support for Multiple Groups >>>>>>> >>>>>>> Thanks, >>>>>>> Sam >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> *Sam Sivayogam* >>>>>>> >>>>>>> Senior Software Engineer >>>>>>> Mobile : +94 772 906 439 >>>>>>> Office : +94 112 145 345 >>>>>>> *WSO2, Inc. :** wso2.com <http://wso2.com/>* >>>>>>> lean.enterprise.middleware. >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Malintha Amarasinghe >>>>>> *WSO2, Inc. - lean | enterprise | middleware* >>>>>> http://wso2.com/ >>>>>> >>>>>> Mobile : +94 712383306 <+94%2071%20238%203306> >>>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> *Sam Sivayogam* >>>>> >>>>> Senior Software Engineer >>>>> Mobile : +94 772 906 439 >>>>> Office : +94 112 145 345 >>>>> *WSO2, Inc. :** wso2.com <http://wso2.com/>* >>>>> lean.enterprise.middleware. >>>>> >>>> -- >>>> *Prasanna Dangalla* >>>> Senior Software Engineer, WSO2, Inc.; http://wso2.com/ >>>> lean.enterprise.middleware >>>> >>>> >>>> *cell: +94 718 11 27 51* >>>> *twitter: @prasa77* >>>> >>> >>> >>> >>> -- >>> Thanks & Regards, >>> >>> *Fazlan Nazeem* >>> Senior Software Engineer >>> WSO2 Inc >>> Mobile : +94772338839 >>> <%2B94%20%280%29%20773%20451194> >>> [email protected] >>> >> >> >> >> -- >> Nuwan Dias >> >> Software Architect - WSO2, Inc. http://wso2.com >> email : [email protected] >> Phone : +94 777 775 729 <+94%2077%20777%205729> >> > > > > -- > Shazni Nazeer > > Mob : +94 777737331 > LinkedIn : http://lk.linkedin.com/in/shazninazeer > > Blogs : > > https://medium.com/@mshazninazeer > http://shazninazeer.blogspot.com > > <http://wso2.com/signature> > -- Nuwan Dias Software Architect - WSO2, Inc. http://wso2.com email : [email protected] Phone : +94 777 775 729
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
