vongosling commented on pull request #6: URL: https://github.com/apache/rocketmq-dashboard/pull/6#issuecomment-901947786
> I came up with an idea for improving authentication.
> For now, the relationship is
>
> ```
> user -> role
> role -> uri
> ```
>
> Maybe we can introduce permission
>
> ```
> user -> role
> role -> permission
>
> (URI/button/tab) requires permission
> ```
>
> A user has a role, and a role contains several permissions. A logged-in user can have a permission set.
> For example, we have a topic_write permission.
>
> For backend: invoking the create topic method requires topic_write permission ==> (we can add @Permission(value = "topic_write") to the create topic method)
>
> For front end: showing the create topic button requires topic_write permission ==> (we can get permissions after login, and only show the create topic button if the user has topic_write permission)
>
> Do you have any suggestions?

Agree. Specifically speaking, we could learn lessons from RBAC; here resources may have different operations.

--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]
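The user -> role -> permission check proposed in this thread, as an added example that is not code from the pull request or from rocketmq-dashboard. The `@Permission` definition, `ROLE_PERMISSIONS`, `TopicService` and `invoke` are hypothetical names, and the role data is constructed.

```java
import java.lang.annotation.*;
import java.lang.reflect.Method;
import java.util.*;

public class PermissionDemo {
    // Hypothetical annotation modelled on the @Permission(value = "topic_write") idea in the thread.
    @Retention(RetentionPolicy.RUNTIME)
    @Target(ElementType.METHOD)
    @interface Permission { String value(); }

    // Constructed sample data: role -> permission set.
    static final Map<String, Set<String>> ROLE_PERMISSIONS = Map.of(
        "admin", Set.of("topic_read", "topic_write"),
        "viewer", Set.of("topic_read"));

    // user -> role -> permission: union of the permissions of every role the user holds.
    static Set<String> permissionsOf(Collection<String> roles) {
        Set<String> granted = new HashSet<>();
        for (String role : roles) {
            granted.addAll(ROLE_PERMISSIONS.getOrDefault(role, Set.of()));
        }
        return granted;
    }

    // Deny by default: a method without @Permission is refused by this gate.
    static boolean isAllowed(Method m, Set<String> granted) {
        Permission p = m.getAnnotation(Permission.class);
        return p != null && granted.contains(p.value());
    }

    static class TopicService {
        @Permission("topic_write")
        public String createTopic(String name) { return "created " + name; }
    }

    // Backend gate: check the annotation before the call is dispatched.
    static String invoke(Collection<String> roles, String topic) throws Exception {
        Method m = TopicService.class.getMethod("createTopic", String.class);
        if (!isAllowed(m, permissionsOf(roles))) {
            return "403 forbidden";
        }
        return (String) m.invoke(new TopicService(), topic);
    }

    public static void main(String[] args) throws Exception {
        System.out.println(invoke(List.of("admin"), "orders"));
        System.out.println(invoke(List.of("viewer"), "orders"));
        // The same set is what a front end would consult before showing the button.
        System.out.println(permissionsOf(List.of("viewer")).contains("topic_write"));
    }
}
```

The backend gate is the check that enforces access; the permission set sent to the front end only decides what is displayed, so a hidden button must still be backed by the annotated method's check.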
