Hi Bhathiya/Chamin, Is it necessary to validate the roles ?
My point is, when creating an API if the user added multiple roles we can just save as it is and the roles which are in user stores will get the visibility and the wrongly added roles will be just in the database without any use since it has added wrongly. WDYT ? Thanks, Iqbal On Fri, Apr 7, 2017 at 1:47 PM, Chamin Dias <[email protected]> wrote: > Hi, > > As per the discussions we had for [1], we thought of facilitating the role > validation because if we try to facilitate the validation based on > usernames, it would be not feasible (when we have email as username, when > we have authentication via FB etc). So the option we had was *validating > roles at the time of creating the API* (actually the visibility for that > API). > > Therefore it would be great if we can have something like Bhathiya > suggested. IMHO, it will help to increase the performance when there are > many roles in the system. > > [1] http://wso2-oxygen-tank.10903.n7.nabble.com/Re-APIM-3- > 0-0-C5-Permission-model-Visibility-and-subscription- > availability-td147119.html#none > > On Fri, Apr 7, 2017 at 1:29 PM, Bhathiya Jayasekara <[email protected]> > wrote: > >> Hi IS team, >> >> In APIM, for role-based visibility in APIs, users can set a list of >> roles. When they save the API, APIM validates roles. In current >> implementation, we retrieve all roles from userstore and do the validation >> ourselves. But it doesn't look ok to me. What is your opinion? >> >> And can we retrieve all roles at once in every userstore? >> >> I believe we have an API to validate a single role. But I don't think >> there a way to validate multiple roles using a single request. >> >> So what should be the best way to achieve this? >> >> Thanks, >> -- >> *Bhathiya Jayasekara* >> *Associate Technical Lead,* >> *WSO2 inc., http://wso2.com <http://wso2.com>* >> >> *Phone: +94715478185 <+94%2071%20547%208185>* >> *LinkedIn: http://www.linkedin.com/in/bhathiyaj >> <http://www.linkedin.com/in/bhathiyaj>* >> *Twitter: https://twitter.com/bhathiyax <https://twitter.com/bhathiyax>* >> *Blog: http://movingaheadblog.blogspot.com >> <http://movingaheadblog.blogspot.com/>* >> > > > > -- > Chamin Dias > Mobile : +94 (0) 716 097455 <%2B94%20%280%29%20773%20451194> > Email : [email protected] > LinkedIn : https://www.linkedin.com/in/chamindias > > > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- Irham Iqbal Software Engineer WSO2 phone: +94 777888452 <http://wso2.com/signature>
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
