IMO, scopes for any application should be designed and implemented taking the end-to-end business functionalities into account, rather than focussing on different discrete pieces of small functional units such as UI, BE, etc. For instance, if some user is authorized to "manage users", the underlying scopes that make it possible to that particular user to perform the intended task, should be shared across the UI as well as the BE. In other words, the same scope that lets the user access the BE resources associated with managing users, can be re-used to render the associated UI elements as well. That way, not only it makes us avoid overly redundant scopes, which - if not managed properly - can be a headache, but also helps us make things much more simplified.
Cheers, Prabath On Mon, Jul 4, 2016 at 12:00 PM, Chathura Dilan <chathu...@wso2.com> wrote: > +Dev > > For the UI > > IMO, UI should have their own permissions. and they should be associated > with scopes > > Such as > > *UI Permission scopes* > manage_user users:add, users:edit, users:delete, users:view, roles:view > view_user users:view > > These UI permissions can to be assigned from the permission tree to a > role. Once the permission is assigned to a role, the scopes associated with > the permission also assigned to that role automatically. > > For that we can reduce the complexity of assigning the UI permission. WDYT? > > > > > On Mon, Jul 4, 2016 at 10:16 AM, Milan Perera <mi...@wso2.com> wrote: > >> Sure, will schedule it in the morning. >> >> On Mon, Jul 4, 2016 at 6:27 AM, Prabath Abeysekera <praba...@wso2.com> >> wrote: >> >>> Awesome! Shall we review this in the morn and be done with it? >>> >>> Cheers, >>> Prabath >>> >>> >>> On Monday, July 4, 2016, Milan Perera <mi...@wso2.com> wrote: >>> >>>> Hi all, >>>> >>>> I've done the $subject and its still in my fork [1]. Let's have a >>>> review on that and then I will merge. >>>> I've tested this implementation with JDBC scope validator and it works >>>> fine. >>>> >>>> Currently I just only changed the devicemgt-api and have to do >>>> necessary changes to other apis as well. >>>> >>>> [1] >>>> https://github.com/milanperera/carbon-device-mgt/commit/49623a4693dcbd35f6b5305c3e29d31254fcb4ce >>>> >>>> >>>> Regards, >>>> >>>> -- >>>> *Milan Perera *| Software Engineer >>>> WSO2, Inc | lean. enterprise. middleware. >>>> #20, Palm Grove, Colombo 03, Sri Lanka >>>> Mobile: +94 77 309 7088 | Work: +94 11 214 5345 >>>> Email: mi...@wso2.com | Web: www.wso2.com >>>> <http://lk.linkedin.com/in/milanharinduperera> >>>> >>> >>> >>> -- >>> Prabath Abeysekara >>> Technical Lead >>> WSO2 Inc. >>> Email: praba...@wso2.com >>> Mobile: +94774171471 >>> >>> >> >> >> -- >> *Milan Perera *| Software Engineer >> WSO2, Inc | lean. enterprise. middleware. >> #20, Palm Grove, Colombo 03, Sri Lanka >> Mobile: +94 77 309 7088 | Work: +94 11 214 5345 >> Email: mi...@wso2.com <ar...@wso2.com> | Web: www.wso2.com >> <http://lk.linkedin.com/in/milanharinduperera> >> > > > > -- > Regards, > > Chatura Dilan Perera > *Associate Tech Lead** - WSO2 Inc.* > www.dilan.me > -- Prabath Abeysekara Technical Lead WSO2 Inc. Email: praba...@wso2.com Mobile: +94774171471
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev