Shawn, I mapped core's groupmgr.assignRole method to existing endpoint in adminmgr (assignUser endpoint) because the entity we use there (UserRole) is the same for Group and User objects. The only difference is "isGroupRole" boolean field in this entity. Definitely, for conformity's sake, I can use a separate endpoint for this. Do you think we should introduce an additional endpoint(s) for assign/deassign group role?
Regarding accessMgr.createGroupSession. Did you mean core's accessMgr or enmasse one? In enmasse I introduced an additional endpoint for clarity. The same is true for core's accessMgr, by using a separate (not overloaded) method I wanted to underline that the session is being created for Group and it's trusted. Do you think we should rename core method to use Group as argument and become overloaded? Overall, thank you for your comments, I really appreciate the guidance! -- Kind Regards, Vyacheslav Vakhlyuev Software Engineer Mirantis, Inc www.mirantis.com Skype: vahluev.vyacheslav
