Il giorno 20/mar/2012, alle ore 16.23, Colm O hEigeartaigh ha scritto: > Hi, > >>> ROLE_LIST entitlement used to exist as plain entitlement, but was removed >>> (and RoleController.list() made public) alongside with some other >>> entitlements, when self registration feature was added to the console. >>> If a user wants to do self register, he should have access as anonymous - >>> to some information: role list, schema list, ... > > Ok I see. However, not every deployer of Syncope will want to allow > self-registration or anonymous access to role information via the REST > API. > >>> Currently, not: good feature for roadmap? > > I've added the following: > > https://issues.apache.org/jira/browse/SYNCOPE-44 > >> Of course. This information is needed by the administration console in order >> to provide a detailed feedback about a deleted user. >> Actually, I think that we could provide the same information in case of role >> and membership as well. > > Will I create a JIRA for this? All delete operations should return the > deleted object via HTTP GET?
Yes please. Thank you. Regards, F. > > Thanks, > > Colm. > > On Fri, Mar 16, 2012 at 4:46 PM, Fabio Martelli > <[email protected]> wrote: >> >> Il giorno 16/mar/2012, alle ore 17.33, Francesco Chicchiriccò ha scritto: >> >>> On 16/03/2012 17:22, Colm O hEigeartaigh wrote: >>>> Following on from my questions about users, here are some questions >>>> about roles... >>>> >>>> 1) Should there be a ROLE_LIST entitlement added by default? >>>> RoleController.list() currently has no authorization so anyone can >>>> list the roles. Should there also be a RoleController.count() method >>>> with the same entitlement as per the UserController? >>> >>> ROLE_LIST entitlement used to exist as plain entitlement, but was removed >>> (and RoleController.list() made public) alongside with some other >>> entitlements, when self registration feature was added to the console. >>> If a user wants to do self register, he should have access as anonymous - >>> to some information: role list, schema list, ... >>> >>> We can, of course, discuss and see if there is any better way to handle >>> such situation! >>> >>>> 2) Is it possible to search for a role? I couldn't find any >>>> functionality to do this. >>> >>> Currently, not: good feature for roadmap? >>> >>>> 3) RoleController.delete() does not return the deleted RoleTO object, >>>> unlike the corresponding method in UserController. It also uses the >>>> HTTP delete verb instead of get as per the UserController. I suggest >>>> there should be consistent behaviour for delete across the >>>> controllers. >>> >>> Actually, all REST controller's delete() have void as return type: >>> personally, I did not even notice that UserController's return type was >>> changed: Fabio, do you know why? >> >> Of course. This information is needed by the administration console in order >> to provide a detailed feedback about a deleted user. >> Actually, I think that we could provide the same information in case of role >> and membership as well. >> >>>> 4) From the wiki - "currently roles cannot be propagated". Is this >>>> just for virtual attributes or for any attributes? >>> >>> Roles (and their attributes) are not considered at all, when propagating. >>> >>>> Are there any plans to support this? >>> >>> Actually... yes! Such features was already in pre-ASF roadmap. >>> >>> Looks like we should start gathering all these roadmap hints somewhere: a >>> wiki page? Any volunteer for this? >>> >>> Regards. >>> >>> -- >>> Francesco Chicchiriccò >>> >>> Apache Cocoon PMC and Apache Syncope PPMC Member >>> http://people.apache.org/~ilgrosso/ >>> >> > > > > -- > Colm O hEigeartaigh > > Talend Community Coder > http://coders.talend.com
