Roller user/weblog management via web services (was Re: proposal: atom admin)

Thu, 26 Jan 2006 08:18:01 -0800

I think this proposal is looking really good and provides things that just about any large organization is going need -- web service methods to manage users and weblogs and user-weblog membership.
Jeff is preparing a patch that provides this functionality, so please take a look and give Jeff some feedback. 


I'm not sure we should use the name "Atom Admin Publishing Protocol"  
since it's not really Atom, but it is based on ideas from the Atom  
protocol and uses the same architecture as the Atom protocol  
implementation that we have in the Roller sandbox.


- Dave


On Jan 13, 2006, at 7:58 PM, Jeff Blattman wrote:

hi dave,


yes, i forgot to specify the member / group actions. i took another  
crack at it based on your suggestion. i wasn't sure of the  
preferred terminology. i called the endpoint "members" and went  
from there:
http://rollerweblogger.org/wiki/Wiki.jsp?page=Proposal_AAPP#section- 
Proposal_AAPP-MemberVerbs



another approach, which is what i was initially thinking, would be  
to have weblog members be defined as part of the weblog entry  
(<weblog>), and affected through the /aapp/weblogs endpoint by  
modifying the XML content.



on the handling of the weblog user (aka creator, aka owner), it  
sounds like we should simply not expose that and let permissions be  
handled through the members endpoint. if i understand you  
correctly, the creating user has no special significance after the  
weblog has been created.


thanks.

David M Johnson wrote:


On Jan 11, 2006, at 7:27 PM, Jeff Blattman wrote:

feedback appreciated.
http://rollerweblogger.org/wiki/Wiki.jsp?page=Proposal_AAPP


Thanks for writing this up Jeff, we need this!


I know you're trying to simplify this, and that's good, but it  
seems like you are missing an important piece.



A Roller weblog has a user, but that user is simply the user that  
created the weblog and is NOT necessarily the "owner" of the  
weblog. In fact, now that we have multiple users per blog, a blog  
can have multiple admin users. So you can't set the owner of a  
weblog by passing in just one username, unless you want to limit  
the protocol to ONLY creating weblogs and allow no other  
operations on weblogs.


You have this:
   GET all users
   POST a new user
   PUT  user
   DELETE user

And this:
   GET all weblogs
   POST a new weblog
   PUT weblog
   DELETE weblog

But is seems you also need this:
   GET all users in weblog X
   POST a new user in weblog X
   PUT user (to change user's permission in weblog X)
   DELETE user from weblog X

- Dave

















    











					Reply via email to