Note that there are two ways to do the permission mapping in C4. 1) Per-resource - eg: in registry each resources has delete read writes permissions for each role. 2) Per-action - eg: in admin console each role can have permission to add users (but this can't be limited for just one user store)
We have kind of done 1 but in our code (this was how it was and didn't have time to change in last release), may be we should move it to gov side. I am not sure which one is correct for us, but please think about this. On Mon, May 9, 2016 at 3:11 AM, Sinthuja Ragendran <[email protected]> wrote: > Hi Megala, > > From the dashboard server point of view, we just need to have permission > tree as, > > - Portal > - Login > - Dashboard > - Create > - Delete > - Settings > > In this model, the create permission is required for the user to create > the dashboard, and similarly for other operations. We don't need to have > the designer/viewer permissions in this level, because we the design and > viewers are being assigned per dashboard and hence we can't globally > control with permission. > > Thanks, > Sinthuja. > > On Sat, May 7, 2016 at 3:31 PM, Megala Uthayakumar <[email protected]> > wrote: > >> Hi All, >> >> I am working on adding a permission model for Dashboard Server. I came >> across following requirement. >> >> Assume there is a permission for accessing designer portal of DS >> ("Designer-Portal"). Among the users who have "Designer-Portal" permission, >> only some are provided with the "Create-Dashboard" and "Delete-Dashboard" >> permission. AFAIU according to wso2 permission tree, we need to add >> "Design-Portal" permission as a child for both "Create-Dashboard" and >> "Delete-Dashboard" parents. But in that case, there will be two different >> permissions for accessing same designer portal. I think, it is not correct >> to provide the same accessing capabilities using two different permission >> level settings. >> >> Is there any way, such that permission tree can have the same child for >> two different parents? Any suggestions on this is highly appreciated. >> >> Thanks >> >> Regards, >> Megala >> >> -- >> Megala Uthayakumar >> >> Software Engineer >> Mobile : 0779967122 >> > > > > -- > *Sinthuja Rajendran* > Associate Technical Lead > WSO2, Inc.:http://wso2.com > > Blog: http://sinthu-rajan.blogspot.com/ > Mobile: +94774273955 > > > > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- With regards, *Manu*ranga Perera. phone : 071 7 70 20 50 mail : [email protected]
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
