>
>
> 1). Provide a way to map feature-permissions for the device types that are
> being created using the API.
>
we can allow this capability to be used for the pluggable device type but I
think we cannot allow to create new permissions during runtime, since this
permission hierarchy is visible to
Hi Ayyoob,
+1 for the idea. In my understanding, we need to consider following two
aspects for the implementation with the new pluggable device type API.
1). Provide a way to map feature-permissions for the device types that are
being created using the API.
2). Implement the feature-permission ma
adding Prabath.
Don't we have this level of permission checks though identity components?
If we have to implement this, then if we can keep the model with only allow
actions, it will simplify the model.
--Srinath
On Sat, May 6, 2017 at 12:45 AM, Ayyoob Hamza wrote:
> @Sumedha,
> Yes, it does
@Sumedha,
Yes, it does in the context of the API. we can use the same permissions in
the feature. The issue is that the permission in the API does not get
propagated to the device context.
@Chathura
> What does it mean if a role R1 has access to device group G1, but doesn't
> have permission to a
What does it mean if a role R1 has access to device group G1, but doesn't
have permission to any feature of devices in G1? One option is to allow
such roles to only get information+status of devices.
On Fri, May 5, 2017 at 11:05 AM, Chathura Ekanayake
wrote:
> I think we have to maintain followi
I think we have to maintain following mappings to support this permission
model (most of them are currently in the DB):
device -> device group
feature -> permission (is this coming from the device type xml file?)
permission -> role
user -> role
device group -> role
I think the permission evaluati
+1 to the idea.
Permission to feature mapping is already happening within JAX-RS
definition. Isn't t?
On Fri, May 5, 2017 at 1:48 AM, Ayyoob Hamza wrote:
> Hi All,
>
> We can share a device group among the users with a specific set of
> permissions(through a Role). However in the current implem
Hi All,
We can share a device group among the users with a specific set of
permissions(through a Role). However in the current implementation, Even if
the group is shared still the users in the group will not be able to
operate the device unless they have the admin permission. This restricts
scena