Hi Jody, thank you for the feedback, please check my replies bellow: On Wed, Oct 16, 2019 at 11:44 PM Jody Garnett <[email protected]> wrote:
> I like the idea, care should be taken in the description as this is not > the only security consideration in play when trying to access a layer. > > Thoughts for discussion: > > - Consider moving to a security heading on the Data tab to be clear it is > about the raw data itself... not sure I like it. > I'm -1 on this one :(, that say, not sure what you mean by raw data, let's see what others thing. This new tab allows to manage the security of the layer, read or write, I can see in the future to grow to allow other modules to contribute. The data tab already seems a bit crowded to me. > - Not all the data restrictions are defined layer-by-layer, how do you > wish to show the workspace restrictions? "tiger.*" in your example? One > though would be to add a similar tab to the workspace screen, .. > Yes a tab will be added on workspaces allowing to: - configuring workspaces admin - and read write permission for the workspace - To communicate workspace restrictions a text description of the workspace > restrictions could be provided below the proposed roles table > - This may also be a good though to provide a summary of the service > restrictions in play for the layer? > - A better thought would be to show the workspace restrictions in the same > roles table, but grayed out and not editable ... > - Do we need to consider the tileset permissions separately? > I see the four last points as interesting new functionalities, but they are out of scope of this proposal. Allowing to configure the roles associated and permissions of a layer directly on the layer configuration page, seems to me that it is already a significant and self contained functionality :) > > Putting the above together: > a) add "name" column to the roles table so both "tiger.*" and > "tiger.tiger_roads" are listed > b) workspace rows are grayed out, only used to communicate data access > restrictions already in place > c) consider adding a similar tab to the workspace screen if you want to go > for consistency > > -- > Jody Garnett > > > On Thu, 10 Oct 2019 at 02:26, [email protected] < > [email protected]> wrote: > >> Dear all, >> >> I would like to submit to your attention the following geoserver >> improvement proposal: >> >> https://github.com/geoserver/geoserver/wiki/GSIP-182. >> >> Best regards, >> Marco Volpini >> _______________________________________________ >> Geoserver-devel mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/geoserver-devel >> > _______________________________________________ > Geoserver-devel mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/geoserver-devel > -- Regards, Nuno Oliveira == GeoServer Professional Services from the experts! Visit http://goo.gl/it488V for more information. == Nuno Miguel Carvalho Oliveira @nmcoliveira Software Engineer GeoSolutions S.A.S. Via di Montramito 3/A 55054 Massarosa (LU) Italy phone: +39 0584 962313 fax: +39 0584 1660272 http://www.geo-solutions.it http://twitter.com/geosolutions_it ------------------------------------------------------- Con riferimento alla normativa sul trattamento dei dati personali (Reg. UE 2016/679 - Regolamento generale sulla protezione dei dati “GDPR”), si precisa che ogni circostanza inerente alla presente email (il suo contenuto, gli eventuali allegati, etc.) è un dato la cui conoscenza è riservata al/i solo/i destinatario/i indicati dallo scrivente. Se il messaggio Le è giunto per errore, è tenuta/o a cancellarlo, ogni altra operazione è illecita. Le sarei comunque grato se potesse darmene notizia. This email is intended only for the person or entity to which it is addressed and may contain information that is privileged, confidential or otherwise protected from disclosure. We remind that - as provided by European Regulation 2016/679 “GDPR” - copying, dissemination or use of this e-mail or the information herein by anyone other than the intended recipient is prohibited. If you have received this email by mistake, please notify us immediately by telephone or e-mail.
_______________________________________________ Geoserver-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/geoserver-devel
