Here are some possible complications
1. Amazon queues has a concept of owner. Do we support that in Carbon?
2. When sharing the permissions users sends a list of users with list of
actions with a label. Lets assume these set users and actions means give all
the given permissions to users.
When removing the permissions it send only the label. Now where can we kept
this label?
thanks,
Amila.
On Tue, Nov 23, 2010 at 8:15 AM, Prabath Siriwardana <prab...@wso2.com>wrote:
>
>
> On Mon, Nov 22, 2010 at 8:26 PM, Paul Fremantle <p...@wso2.com> wrote:
>
>> Prabath
>>
>> Do you think we need to tie this into our permission store? Or treat it as
>> "application level" permissions.
>
>
> I think we can get this fit in to the Carbon authorization model - I will
> have a chat this afternoon with Manjula...
>
> Thanks & regards,
> -Prabath
>
>
>> The issue is that if we treat it as special for SQS then this can be
>> bypassed by accessing AMQP or JMS for the same queues.
>>
>> Paul
>>
>> On 22 November 2010 12:40, Manjula Rathnayake <manju...@wso2.com> wrote:
>>
>>> Hi all,
>>>
>>> In Simple Queue Service(SQS) we can share queues with other users who
>>> have AWS accounts registered.
>>> And they don't need to sign up with SQS. We can set permission to actions
>>> involved with queue services
>>> as an example, SendMessage, DeleteMessage and so on.
>>>
>>> According to the SQS wsdl, sharing a queue with other users is done by
>>> AddPermission() method which
>>> takes input parameters as
>>> LabelName - String
>>> AWSAccountIds - String[]
>>> ActionNames - String[]
>>>
>>> To remove permissions we can use,
>>> removePermission(String LabelName)
>>>
>>> So, It is assumed that for each AWSAccountIds has been given permission
>>> to all ActionNames.
>>> Is this assumption correct? please have a look and give your comments.
>>>
>>> Assuming above understanding is correct, checking user permissions to do
>>> actions on queue is
>>> implemented as below.
>>>
>>> public class PermissionLabel {
>>> private List<String> sharedUserList;
>>> private List<String> operationList;
>>>
>>> public PermissionLabel(List<String> sharedUserList,
>>> List<String> operationList) {
>>> this.sharedUserList = sharedUserList;
>>> this.operationList = operationList;
>>> }
>>>
>>> public List<String> getSharedUserList() {
>>> return sharedUserList;
>>> }
>>>
>>> public boolean isSharedForOperation(String loggedInUser, String
>>> operation) {
>>> if (sharedUserList.contains(loggedInUser) &&
>>> operationList.contains(operation)) {
>>> return true;
>>> } else {
>>> return false;
>>> }
>>> }
>>> }
>>>
>>>
>>> More details of these operations is available at [1] and in the attached
>>> file.
>>> [1].
>>> http://docs.amazonwebservices.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/index.html?acp-overview.html#PermissionTypes
>>>
>>>
>>> --
>>> Manjula Rathnayaka
>>> Software Engineer
>>> WSO2, Inc.
>>> Mobile:+94 77 743 1987
>>>
>>> _______________________________________________
>>> Carbon-dev mailing list
>>> Carbon-dev@wso2.org
>>> https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev
>>>
>>>
>>
>>
>> --
>> Paul Fremantle
>> CTO and Co-Founder, WSO2
>> OASIS WS-RX TC Co-chair, VP, Apache Synapse
>>
>> Office: +44 844 484 8143
>> Cell: +44 798 447 4618
>>
>> blog: http://pzf.fremantle.org
>> twitter.com/pzfreo
>> p...@wso2.com
>>
>> wso2.com Lean Enterprise Middleware
>>
>> Disclaimer: This communication may contain privileged or other
>> confidential information and is intended exclusively for the addressee/s. If
>> you are not the intended recipient/s, or believe that you may have received
>> this communication in error, please reply to the sender indicating that fact
>> and delete the copy you received and in addition, you should not print,
>> copy, retransmit, disseminate, or otherwise use the information contained in
>> this communication. Internet communications cannot be guaranteed to be
>> timely, secure, error or virus-free. The sender does not accept liability
>> for any errors or omissions.
>>
>> _______________________________________________
>> Carbon-dev mailing list
>> Carbon-dev@wso2.org
>> https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev
>>
>>
>
>
> --
> Thanks & Regards,
> Prabath Siriwardena
>
> http://blog.facilelogin.com
> http://RampartFAQ.com
>
> _______________________________________________
> Carbon-dev mailing list
> Carbon-dev@wso2.org
> https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev
>
>
_______________________________________________
Carbon-dev mailing list
Carbon-dev@wso2.org
https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev
