On 16 November 2010 20:07, Adriano Crestani <[email protected]>wrote:
> Hi Suhothayan,, > > Yes, my initial idea is to have privacy visibility defined per tag. Do you > have any other suggestion? > > great Since there is no JSON RPC calls and we are only dealing with REST, there wont be much implications in implementing security to the rest branch. But in order to provide security, each API calls need to be tested against the corresponding session cookie, in order to check who calls the request, what album is he accessing, and does he has permission to do so, etc... For this to be successful, I Suggest we should come up with Security API which will be published as services, and they will indeed call the low level API that we are implementing. Thoughts? Regards Suho On Tue, Nov 16, 2010 at 11:29 AM, Suhothayan Sriskandarajah < > [email protected]> wrote: > > > On 15 November 2010 00:49, Adriano Crestani <[email protected] > > >wrote: > > > > > It would be great to understand the difference between high and low > > > level here, particular because I don't think we need a very complex > > > and deep API. > > > > > > High = API exposed as SOA service > > > Low = API used by the service implementation to manipulate images and > > tags > > > > > > You mentioned these are low level, then Gallery really seems high > > > level. How about PhotoStream ? > > > > > > Gallery is low level according to the description I just gave above :) > If > > > you want to rename it to PhotoStream, for me it's OK. > > > > > > I'm not sure about the tag operations. Shouldn't this be like an > > > "update" to the image "metadata" where you add a new tag to it ? > > > > > > That sounds reasonable too :) > > > > > > I'm not sure I understand this. To me, subscription and the actual > > > gallery are decoupled. > > > > > > The sync operation needs to push the images retrieved from remote > > provider > > > to a gallery. > > > > > > Seems good > > +1 > > > > And i also suggest to think about the big picture, how we can provide > > security throught this. > > Therefore we can implement security after this is done > > > > Are we going to secure albums based on album tags ? > > > > Regards > > Suho > > > > > > > > > > > On Sun, Nov 14, 2010 at 2:43 PM, Luciano Resende <[email protected] > > > >wrote: > > > > > > > It would be great to understand the difference between high and low > > > > level here, particular because I don't think we need a very complex > > > > and deep API. > > > > > > > > > >
