[
https://issues.apache.org/jira/browse/WHIMSY-54?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15203332#comment-15203332
]
Sam Ruby commented on WHIMSY-54:
--------------------------------
This seems to be multiple independent topics?
For the first, you are proposing URLs like:
/committers/roster/committer/
/officers/board/agenda/
If so, -0. I would, however, support those directories being added where not
currently present.
As to the second topic, it isn't clear to me what server you are talking about?
This isn't a single application, the server is Apache httpd, which serves both
CGI and Passenger/rack applications. Many applications use a common library,
however: whimsy/asf.
The library can do more to encapsulate access checks. It is worth noting that
applications that perform updates (e.g. roster, secretary/public_names,
board/agenda) need to have access to the full credentials.
> Re-organise auth. by TLD?
> -------------------------
>
> Key: WHIMSY-54
> URL: https://issues.apache.org/jira/browse/WHIMSY-54
> Project: Whimsy
> Issue Type: Improvement
> Reporter: Sebb
>
> Various parts of Whimsy require auth.
> At present this is done per app, which results in quite a complicated scheme.
> Also the auth conf is held in puppet whereas the app is in the Whimsy repo,
> so it's tricky to relate them.
> When adding a new app, the puppet config has to be updated as well.
> This can easily be overlooked.
> Maybe we should just use auth at the top level directory?
> This might require some apps to be moved, but would be much simpler to
> maintain going forward.
> The following levels are used currently:
> None
> ASF Committers
> ASF Members and Incubator PMC
> ASF Members and Officers
> ASF Members
> ASF Secretarial Team
> This suggests the following directories as a minimum:
> committers
> incubator
> officers
> members
> secretary
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
