Hi, Need some clarification regarding the issue - [1]. In super tenant mode all the default roles can be seen once we login to carbon console(Internal/everyone, Internal/publisher, Internal/reviewer, Internal/subscriber, admin roles) . But in tenant mode, when we initially log in to admin console, we can only see admin, Internal/everyone, Internal/subscriber roles only and some roles are missing. But once we login to publisher, the missing roles - Internal/publisher and Internal/reviewer are generated.
Is this the expected behavior or do we need to make those missing roles available in tenant mode also? [1] - https://wso2.org/jira/browse/APPM-332 On Mon, Feb 2, 2015 at 12:35 PM, Ruwan Yatawara <ruw...@wso2.com> wrote: > Hi Thilini, > > The internal/store role is pretty much obsolete AFAIK. However there are > specific validations on the roles i've listed below . > > intermal/publisher - Can create Apps but cannot publish > internal/reviewer - Ones, publisher submits for an app to be published, > reviewer permission is needed to approve said request. > internal/subscriber - This role needs to be available for anyone to be > able to login to the store. > > However, IMHO i believe this is wrong and we should change it (Had a chat > with Manu and I think this is the same way things are implemented in ES). > > *What we should do is basically go for a permission check rather than > check for a role*. For an instance for creating of apps we should check > if a particular user has "api/create" *permission *(can be of any role) and > to publish "api/publish", permission etc. For the store however, its ok to > have a role based check as there is no specific reference to "store access" > in the permission tree. > > > Thanks and Regards, > > Ruwan Yatawara > > Senior Software Engineer, > WSO2 Inc. > > email : ruw...@wso2.com > mobile : +94 77 9110413 > blog : http://thoughts.ruwan-ace.com/ > www: :http://wso2.com > > > On Sun, Feb 1, 2015 at 11:31 AM, Thilini Shanika <thili...@wso2.com> > wrote: > >> Hi all, >> >> There are several bugs reported regarding the permission issues of >> default roles in App Manager. In order to fix and resolve them, we need to >> clarify what are the exact usage and permissions which should assigned >> with those roles. >> >> The roles which were subjected to permission issues are listed below with >> the current permissions assigned. >> >> - Internal/store-admin - Login >> - Internal/store - Login >> - Internal/reviewer - Login >> >> Can you please specify what are the usage, and whether the current >> permissions assigned are correct? If not correct what are the exact >> permissions that these roles should be assigned with? >> >> -- >> Thilini Shanika >> Software Engineer >> WSO2, Inc.; http://wso2.com >> 20, Palmgrove Avenue, Colombo 3 >> >> E-mail: tgtshan...@gmail.com >> >> > -- Thilini Shanika Software Engineer WSO2, Inc.; http://wso2.com 20, Palmgrove Avenue, Colombo 3 E-mail: tgtshan...@gmail.com
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
