Re: [Architecture] [APIM][C5] Subresource access permissions in store

2017-05-19 Thread Bhathiya Jayasekara
Here are some common examples:
https://help.github.com/articles/editing-a-comment/
https://en.support.wordpress.com/manage-comments/
Thanks,
Bhathiya
On Fri, May 19, 2017 at 12:33 PM, Sanjeewa Malalgoda wrote:
> My idea was different, "Can anyone point me to any site/forum which allows you to ed

Re: [Architecture] [APIM][C5] Subresource access permissions in store

2017-05-19 Thread Sanjeewa Malalgoda
My idea was different, "Can anyone point me to any site/forum which allows you to edit others' comment (*not* approve/reject or *delete entire comment*)". Delete entire comment support needs to be there definitely. No doubt about that.
Thanks,
sanjeewa.
On Fri, May 19, 2017 at 12:01 PM, Fazlan Nazeem w

Re: [Architecture] [APIM][C5] Subresource access permissions in store

2017-05-18 Thread Fazlan Nazeem
Hi Sanjeewa,
In Facebook, if someone posts a comment on our post, then we have the permission to delete that comment even though that comment was not created by us. In a similar manner, shouldn't we at least support delete comment permission to a moderator role (api owner or a configurable moderat

Re: [Architecture] [APIM][C5] Subresource access permissions in store

2017-05-18 Thread Sanjeewa Malalgoda
Can anyone point me to any site/forum which allows you to edit others' comment (not approve/reject or delete entire comment). I'm just curious :) Think what will happen when someone comments on your blogs, media etc. (or even you can think of product comments of most common e-commerce platforms). It will g

Re: [Architecture] [APIM][C5] Subresource access permissions in store

2017-05-18 Thread Nuwan Dias
I think standard forums allow privileged users to moderate comments. Moderation can be in the form of approving/rejecting comments or in the form of removing obscene type of comments. If we go down the workflow (approval) path, there's much to implement. Ex: We need to introduce a "state" to the c

Re: [Architecture] [APIM][C5] Subresource access permissions in store

2017-05-18 Thread Bhathiya Jayasekara
On Fri, May 19, 2017 at 10:52 AM, Sanjeewa Malalgoda wrote:
> On Fri, May 19, 2017 at 10:43 AM, Bhathiya Jayasekara wrote:
>> Hi Sanjeewa,
>>
>> On Thu, May 18, 2017 at 5:09 PM, Sanjeewa Malalgoda wrote:
>>> I don't think it's worth to get complete permission model for comments as

Re: [Architecture] [APIM][C5] Subresource access permissions in store

2017-05-18 Thread Sanjeewa Malalgoda
On Fri, May 19, 2017 at 10:43 AM, Bhathiya Jayasekara wrote:
> Hi Sanjeewa,
>
> On Thu, May 18, 2017 at 5:09 PM, Sanjeewa Malalgoda wrote:
>> I don't think it's worth to get complete permission model for comments as well. Like Bhathiya mentioned only comment owner is allowed to update/d

Re: [Architecture] [APIM][C5] Subresource access permissions in store

2017-05-18 Thread Bhathiya Jayasekara
Hi Sanjeewa,
On Thu, May 18, 2017 at 5:09 PM, Sanjeewa Malalgoda wrote:
> I don't think it's worth to get complete permission model for comments as well. Like Bhathiya mentioned only comment owner is allowed to update/delete his comment. That is the normal behavior. Also I feel it's better i

Re: [Architecture] [APIM][C5] Subresource access permissions in store

2017-05-18 Thread Sanjeewa Malalgoda
I don't think it's worth to get complete permission model for comments as well. Like Bhathiya mentioned only comment owner is allowed to update/delete his comment. That is the normal behavior. Also I feel it's better if we can have workflow support for comments (by default this needs to be disabled). Onc

Re: [Architecture] [APIM][C5] Subresource access permissions in store

2017-05-17 Thread Fazlan Nazeem
Hi Nuwan/Bhathiya,
On Tue, May 9, 2017 at 10:19 AM, Nuwan Dias wrote:
> I think what Bhathiya is suggesting is to bring in our usual permissions model (in APIM 3.0.0) to comments as well. This will require more data to be saved in the DB but will address the issue at hand.
>
> Are you sugges

Re: [Architecture] [APIM][C5] Subresource access permissions in store

2017-05-09 Thread Abimaran Kugathasan
Hi Fazlan,
On Mon, May 8, 2017 at 3:42 PM, Fazlan Nazeem wrote:
> Hi all,
>
> This is about how we should handle access permission for subresources in api store.
>
> *Parent Resource Access*
>
> Consider the following REST calls.
>
> GET /apis/{apiId}/comments/{commentId}
> GET apis/{apiId}/d

Re: [Architecture] [APIM][C5] Subresource access permissions in store

2017-05-08 Thread Nuwan Dias
I think what Bhathiya is suggesting is to bring in our usual permissions model (in APIM 3.0.0) to comments as well. This will require more data to be saved in the DB but will address the issue at hand. There are two levels of permissions required here. One is "who can add/update/remove comments in

Re: [Architecture] [APIM][C5] Subresource access permissions in store

2017-05-08 Thread Ayyoob Hamza
This won't tackle the problem Mushthaq suggested which requires validation in the backend.
*Ayyoob Hamza*
*Senior Software Engineer*
WSO2 Inc.; http://wso2.com
email: ayy...@wso2.com cell: +94 77 1681010
On Tue, May 9, 2017 at 10:01 AM, Ayyoob Hamza wrote:
> Hi,
>
> We had

Re: [Architecture] [APIM][C5] Subresource access permissions in store

2017-05-08 Thread Ayyoob Hamza
Hi,
We had a similar requirement to have a fine-grained access for users in IoTS and we went with the approach of assigning permission for scope rather than roles.
*Ayyoob Hamza*
*Senior Software Engineer*
WSO2 Inc.; http://wso2.com
email: ayy...@wso2.com cell: +94 77 1681010

Re: [Architecture] [APIM][C5] Subresource access permissions in store

2017-05-08 Thread Bhathiya Jayasekara
Hi all,
WDYT of a simple solution like this? We allow anyone who has subscriber role to read/write/delete (i.e. 7 in our permission model) their own comments. If the admin role needs the same permission, we can set 7 for admin role as well. Everyone else gets just read (i.e. 4).
Thanks,
Bhathiya

Re: [Architecture] [APIM][C5] Subresource access permissions in store

2017-05-08 Thread Anuruddha Liyanarachchi
Hi,
> IMO this should not be allowed. AFAIC we might have to go with user validation.
> If we can get the logged in user's roles and if that user has admin-role or that particular comment is added by the logged in user we can allow this user to update or delete the comment. WDYT?
+1 for thi

Re: [Architecture] [APIM][C5] Subresource access permissions in store

2017-05-08 Thread Prasanna Dangalla
Hi Mushthaq,
On Tue, May 9, 2017 at 9:51 AM, Mushthaq Rumy wrote:
> Hi Prasanna/Pubudu,
>
> I think if we use scope based validation there will be an issue here. Let's take the same example.
>
> *GET /apis/{apiId}/comments/{commentId} - comment-add-scope
> DELETE /apis/{apiId}/

Re: [Architecture] [APIM][C5] Subresource access permissions in store

2017-05-08 Thread Mushthaq Rumy
Hi Prasanna/Pubudu,
I think if we use scope based validation there will be an issue here. Let's take the same example.
*GET /apis/{apiId}/comments/{commentId} - comment-add-scope
DELETE /apis/{apiId}/documents/{documentId} - comment-delete-scope
UPDATE /apis/{apiId}/documents/{

Re: [Architecture] [APIM][C5] Subresource access permissions in store

2017-05-08 Thread Prasanna Dangalla
Hi Fazlan,
I think as Ishara and Pubudu have mentioned we can use the scope validation.
On Tue, May 9, 2017 at 12:03 AM, Pubudu Gunatilaka wrote:
> + Adding architecture mail group
>
> On Mon, May 8, 2017 at 11:59 PM, Pubudu Gunatilaka wrote:
>> Hi Fazlan,
>>
>> As Ishara mentioned above,

Re: [Architecture] [APIM][C5] Subresource access permissions in store

2017-05-08 Thread Pubudu Gunatilaka
+ Adding architecture mail group
On Mon, May 8, 2017 at 11:59 PM, Pubudu Gunatilaka wrote:
> Hi Fazlan,
>
> As Ishara mentioned above, we can do this with scope validation. Each and every resource has a scope. The scope is associated with one or more roles. Consider the following example.
>