potiuk commented on PR #23: URL: https://github.com/apache/comdev/pull/23#issuecomment-4893359712
> You have described much of what is already implemented in ATR with permission schemes around roles and api endpoints and including admin functions around purging of tokens and disabling "banned" users. We are considering pushing more of this to `infrastructure-asfquart` which is the preferred base for Tooling and Infrastructure websites. I think you probably misread it. That has nothing to do with ATR - it's just long term "scope" of token. It's not "management" of the permissions - it's just using the permissions that are already present and exposed via Oauth, it's more of implementing token authenticaion mechanism manageable by the user via PonyMail. But of course if there is a mechanism for long term tokens handed-over by other systems centraly - this PonyMail mechanims can also support it, no problem whatsoever - it should be a simple, few line change. This is really mechanism of managing "tokens" not permisssions. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
