[
https://issues.apache.org/jira/browse/WHIMSY-54?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15962117#comment-15962117
]
Sam Ruby commented on WHIMSY-54:
--------------------------------
The commits you saw were not successful; but I'm certainly experimenting along
those lines.
I believe I have working on my machine asf-secretary and root, but I won't know
for sure until it is deployed as I don't have a test id (and certainly not one
as root).
Not yet explored: dissimilar ldap configurations. For example, member is a
list of memberUids, but pmc-chair is a list of members (full dn's). This poses
two challenges: finding a way to represent this cleanly in the YAML and making
it work. Both appear to be solvable.
There remains one notable exception: if a committer is invited to a board
meeting, they have access to the agenda even if they are neither a member or
pmc-chair.
> Re-organise auth. by TLD?
> -------------------------
>
> Key: WHIMSY-54
> URL: https://issues.apache.org/jira/browse/WHIMSY-54
> Project: Whimsy
> Issue Type: Improvement
> Reporter: Sebb
>
> Various parts of Whimsy require auth.
> At present this is done per app, which results in quite a complicated scheme.
> Also the auth conf is held in puppet whereas the app is in the Whimsy repo,
> so it's tricky to relate them.
> When adding a new app, the puppet config has to be updated as well.
> This can easily be overlooked.
> Maybe we should just use auth at the top level directory?
> This might require some apps to be moved, but would be much simpler to
> maintain going forward.
> The following levels are used currently:
> None
> ASF Committers
> ASF Members and Incubator PMC
> ASF Members and Officers
> ASF Members
> ASF Secretarial Team
> This suggests the following directories as a minimum:
> committers
> incubator
> officers
> members
> secretary
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
