I'm OK with that. On Tue, Nov 16, 2010 at 12:24 PM, Suhothayan Sriskandarajah < [email protected]> wrote:
> On 16 November 2010 20:07, Adriano Crestani <[email protected] > >wrote: > > > Hi Suhothayan,, > > > > Yes, my initial idea is to have privacy visibility defined per tag. Do > you > > have any other suggestion? > > > > great > > Since there is no JSON RPC calls and we are only dealing with REST, there > wont be much implications in implementing security to the rest branch. But > in order to provide security, each API calls need to be tested against the > corresponding session cookie, in order to check who calls the request, what > album is he accessing, and does he has permission to do so, etc... > > For this to be successful, I Suggest we should come up with Security API > which will be published as services, and they will indeed call the low > level > API that we are implementing. > > Thoughts? > > Regards > Suho > > > > On Tue, Nov 16, 2010 at 11:29 AM, Suhothayan Sriskandarajah < > > [email protected]> wrote: > > > > > On 15 November 2010 00:49, Adriano Crestani <[email protected] > > > >wrote: > > > > > > > It would be great to understand the difference between high and low > > > > level here, particular because I don't think we need a very complex > > > > and deep API. > > > > > > > > High = API exposed as SOA service > > > > Low = API used by the service implementation to manipulate images and > > > tags > > > > > > > > You mentioned these are low level, then Gallery really seems high > > > > level. How about PhotoStream ? > > > > > > > > Gallery is low level according to the description I just gave above > :) > > If > > > > you want to rename it to PhotoStream, for me it's OK. > > > > > > > > I'm not sure about the tag operations. Shouldn't this be like an > > > > "update" to the image "metadata" where you add a new tag to it ? > > > > > > > > That sounds reasonable too :) > > > > > > > > I'm not sure I understand this. To me, subscription and the actual > > > > gallery are decoupled. > > > > > > > > The sync operation needs to push the images retrieved from remote > > > provider > > > > to a gallery. > > > > > > > > Seems good > > > +1 > > > > > > And i also suggest to think about the big picture, how we can provide > > > security throught this. > > > Therefore we can implement security after this is done > > > > > > Are we going to secure albums based on album tags ? > > > > > > Regards > > > Suho > > > > > > > > > > > > > > > On Sun, Nov 14, 2010 at 2:43 PM, Luciano Resende < > [email protected] > > > > >wrote: > > > > > > > > > It would be great to understand the difference between high and low > > > > > level here, particular because I don't think we need a very complex > > > > > and deep API. > > > > > > > > > > > > > > >
