bwsw commented on issue #3058: CLOUDSTACK-3049: update dynamic role for an account URL: https://github.com/apache/cloudstack/pull/3058#issuecomment-442096532 > It's end of my day, let me get back to you soon. In short, my hesitation stems from the fact that the operation in question has some security and privileges implications. As a general rule such an update param/operation must be privileged and checked. It's better to have this as separate api. Take example of other apis which change ownership, transfer relationships etc all cases which could too be solved by an update api as well. @rhtyd Well, if we decide that only global admin (not domain admin) can change that, then you are right, it's better to implement as a separate API call.
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services