I don't think we should change the owner concept at this time. So +1 for a
simple chown() method to change the owner (aka author) of a resource and a
recursive option to do so recursively from a given starting point in the
resource tree.
Sanjiva.
Jonathan Marsh wrote:
I think our current concept of ownership is more than just permissions. For
instance if I search for the "author" (owner) of a resource, I don't
currently get everyone who has full permissions. Likewise if permissions
are assigned to users or roles, then it would be natural to assign
"ownership" of a resource to a role, which we also don't allow. So I think
there's still a little bit of ownership that's not captured with
permissions.
I see some advantages to replacing the concept of authorship with
permissions, but it has some serious effects on our current model of user
experience.
Jonathan Marsh - http://www.wso2.com - http://auburnmarshes.spaces.live.com
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:registry-dev-
[EMAIL PROTECTED] On Behalf Of Chathura C. Ekanayake
Sent: Monday, December 03, 2007 4:04 AM
To: [email protected]
Subject: Re: [Registry-dev] Changing ownership
I think "ownership" is the ability do any thing on the resource. So I
think when changing the ownership, what we should do is to copy all the
permissions of the author to the new owner. We can do it recursively as
well.
Currently we don't support authorizations per each version.
Authorizations are set for the resource, which affects all versions of
it. Authorizations per each version is not much useful as the only
actions that can be performed on old versions is to read and restore.
Thanks,
Chathura
Sanjiva Weerawarana wrote:
+1. In fact, it'd be useful to make this recursive too .. change all
files owned by X to Y.
Maybe part of the admin interface (at a UI level)? API level is
needed
of course.
Should this result in a new version?? X owner versions 1..n. Now Y
owns version n+1 onwards. IMO that's cleaner but I don't think the
data model will support that right now .
Sanjiva.
Jonathan Marsh wrote:
Glen and I were talking about enterprise access control, and
postulated the need for a "change ownership" API on a resource. The
scenario is when an individual "owns" a resource used by the
enterprise, and then changes jobs so he's no longer responsible for
the resource. A way to designate the new responsible party, if one
doesn't already exist, would be useful.
*Jonathan Marsh* - http://www.wso2.com -
http://auburnmarshes.spaces.live.com
--------------------------------------------------------------------
----
_______________________________________________
Registry-dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/registry-dev
_______________________________________________
Registry-dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/registry-dev
_______________________________________________
Registry-dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/registry-dev
--
Sanjiva Weerawarana, Ph.D.
Founder, Chairman & CEO; WSO2, Inc.; http://www.wso2.com/
email: [EMAIL PROTECTED]; cell: +1 650 265 8311 | +94 77 787 6880
"Oxygenating the Web Service Platform."
_______________________________________________
Registry-dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/registry-dev
