[
https://issues.apache.org/jira/browse/CLOUDSTACK-8562?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15261958#comment-15261958
]
ASF GitHub Bot commented on CLOUDSTACK-8562:
--------------------------------------------
Github user koushik-das commented on the pull request:
https://github.com/apache/cloudstack/pull/1489#issuecomment-215389142
+1 on the feature. Based on testing done on the simulator with root admin
and normal user for a few APIs
+0 on the immediate removal of command.properties/static checker for new
installs and making dynamic checker as the only option for authorization.
Reason: Any blocker (including security bugs) in this will make the 4.9
release unusable for new installs as this the only authorisation mechanism for
entering into the system. It can still be used for pilot/test purposes though.
@rhtyd Who is saying to stop innovating and improving? I am only talking
about stability and choice.
@jburwell Hopefully the above reason explains how this is different from
other features (which impacts only a certain part of the product). Regarding
writing a plugin, I meant that if someone really needed a functionality like
this, they could have easily developed it outside of Cloudstack as well (like
some kind of portal calling Cloudstack APIs).
> User Definable Roles
> --------------------
>
> Key: CLOUDSTACK-8562
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-8562
> Project: CloudStack
> Issue Type: New Feature
> Security Level: Public(Anyone can view this level - this is the
> default.)
> Components: Management Server
> Reporter: Paul Angus
> Assignee: Rohit Yadav
>
> Static command.properties moved to database and made user definable
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
