rawlinp commented on issue #3870: Rewrite /capabilities to Go
URL: https://github.com/apache/trafficcontrol/pull/3870#issuecomment-521444682
So, I have a number of questions about capabilities:
1. what is the difference between a capability and an api_capability?
2. do we need both?
3. do we really need the ability to CRUD capabilities in general? It seems
like capabilities are statically defined in terms of API endpoints/"things you
can do". Why do we need the ability to dynamically CRUD those things?
It seems like "roles" are what really actually to be dynamic -- not
capabilities. If you have a user you want to give a limited set of
capabilities, you create a new role, add in the capabilities you want to give
them, and assign the new role to the user.
It doesn't make sense to create a new capability via the API or update or
delete existing capabilities. IMO it really only makes sense to be able to
_read_ the statically defined capabilities, so that you have the full set to
choose from.
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services