Hi Ruwan, IMHO, for App Manager users it'll be useful to have set of default roles given that the permissions are assigned accurately.
We reported many issues in this area assuming the following is the expected behavior. *Transition Process* *Allowed Roles* *Allowed Actions* Creating a new app Administrator Internal/Publisher Submitting newly created apps Administrator Internal/Publisher Submit Reviewing submitted apps Administrator Internal/Review Approve Reject Publishing approved apps Administrator Internal/Publisher Publish Re-submitting rejected apps Administrator Internal/Publisher Submit Unpublishing published apps Administrator Internal/Publisher Unpublish Re-publishing unpublished apps Administrator Internal/Publisher Publish Deprecating unpublished apps Administrator Internal/Publisher Deprecate Deprecating published apps Administrator Internal/Publisher Deprecate Retiring deprecated apps Administrator Internal/Publisher Retire If this is going to change, please let us know once it is finalized. Hope it'll be documented too. Thanks, Sandapa On Mon, Feb 2, 2015 at 12:35 PM, Ruwan Yatawara <[email protected]> wrote: > Hi Thilini, > > The internal/store role is pretty much obsolete AFAIK. However there are > specific validations on the roles i've listed below . > > intermal/publisher - Can create Apps but cannot publish > internal/reviewer - Ones, publisher submits for an app to be published, > reviewer permission is needed to approve said request. > internal/subscriber - This role needs to be available for anyone to be > able to login to the store. > > However, IMHO i believe this is wrong and we should change it (Had a chat > with Manu and I think this is the same way things are implemented in ES). > > *What we should do is basically go for a permission check rather than > check for a role*. For an instance for creating of apps we should check > if a particular user has "api/create" *permission *(can be of any role) and > to publish "api/publish", permission etc. For the store however, its ok to > have a role based check as there is no specific reference to "store access" > in the permission tree. > > > Thanks and Regards, > > Ruwan Yatawara > > Senior Software Engineer, > WSO2 Inc. > > email : [email protected] > mobile : +94 77 9110413 > blog : http://thoughts.ruwan-ace.com/ > www: :http://wso2.com > > > On Sun, Feb 1, 2015 at 11:31 AM, Thilini Shanika <[email protected]> > wrote: > >> Hi all, >> >> There are several bugs reported regarding the permission issues of >> default roles in App Manager. In order to fix and resolve them, we need to >> clarify what are the exact usage and permissions which should assigned >> with those roles. >> >> The roles which were subjected to permission issues are listed below with >> the current permissions assigned. >> >> - Internal/store-admin - Login >> - Internal/store - Login >> - Internal/reviewer - Login >> >> Can you please specify what are the usage, and whether the current >> permissions assigned are correct? If not correct what are the exact >> permissions that these roles should be assigned with? >> >> -- >> Thilini Shanika >> Software Engineer >> WSO2, Inc.; http://wso2.com >> 20, Palmgrove Avenue, Colombo 3 >> >> E-mail: [email protected] >> >> > > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- Sandapa Handakumbura Associate Technical Lead WSO2.Inc. ; http://wso2.com/ M : +94777115866
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
