Hi all, About the admin application - there are multiple reasons for why it wasn't enabled.
- In the 1.6 release, Toaster had no user-writable data. An admin application would not provide any feature we need. - The data structures are complicated with multiple interdependent tables; in order to provide admin access, we would've need to write a lot of code (in admin model classes) to allow the admin interface make sense of the data. This implies a lot of work, without any benefit in return. - Enabling the admin system requires user accounts and enabling access control. We don't have user objects, or an access control policy, so an essential prerequisite of the admin application is missing. I would love to hear your ideas about what kind of features would be provided by having an admin application - maybe we can incorporate them in plans for future versions. Cheers, Alex On Thu, May 29, 2014 at 10:53 AM, Barros Pena, Belen < [email protected]> wrote: > On 29/05/2014 03:59, "Bob Cochran" <[email protected]> wrote: > > >On 05/28/2014 04:35 PM, Wymore, Farrell wrote: > >> I¹ve attached a (short) working paper. This is fairly high level but > >> outlines the main ideas and > >> > >> implementation plan. Everywhere the documents indicates a Œbuild¹, > >> substitute Œproject¹. Please > >> > >> let me know what you think. Thanks. > >> > > > > > >Hi Farrell, > > Hi Bob, > > The answers to your questions are... well, that we don't have answers yet > :) Just to clarify: access control and permissions are not a key > deliverable for the 1.7 release. We'll make them happen if we can, subject > to the priority work being done. Some more details below. > > > > >I have a few questions about your document & Toaster in general: > > > >Will the Toaster permissions correspond in any way to the actual build > >folders, or is this just permissions to access specific web pages and > >links (e.g., start build)? > > Personally, I'd like to see permissions based on projects. Projects are > coming on the 1.7 release. A project will be a specific configuration you > can build against, making changes to it as needed of course (you might > want to change the value of a variable or add a layer or what not). If you > have a configuration that you know a few people will need to build > against, you give them "build access" to that project. If you want them to > be able to change the configuration, you give them "edit" (or write) > access. If you just want them to download the outcome of the builds (a > rootfs), you give them "download" (or read) access. > > I think the Linux file system is very sophisticated, probably a bit too > much for a first implementation of access control in a web application. > Also, we might find we need different types of permissions other than read > and write. But everything is still very much in the air: we are still > discussing how to do this. > > > > >A related question: Is the idea that a toaster user will never grab a > >shell? > > That is an interesting question. I don't think the idea is to prevent > people from grabbing a shell: it's about providing alternatives to the > shell. > > > > >If a user has basic permissions, can a user create a new image recipe, > >work directory, and bbappend files to create their own customized image? > > See above: there might be different kinds of permissions, and permissions > could be allocated for a specific configuration (i.e. a project). > > > > > If so, will the permission model also support the amount of storage > >available to the user? > >You¹ll probably want to prevent a user from > >creating an infinite number of new projects until the disks are exhausted. > > This is a very good point: when we design the permissions system, we > should keep this in mind. > > > > > >Why is the Django admin application not supported in Toaster? > > Alex will need to answer this one. > > >I just > >started using Toaster (but am a long time user of Django). For local > >server use, I'll want to patch in the admin app. > > > >Lastly, Upon initial review & use, Toaster seems awesome! > > > >Thank you, > > > >Bob Cochran > > > > > > > > > > > > > >-- > >_______________________________________________ > >toaster mailing list > >[email protected] > >https://lists.yoctoproject.org/listinfo/toaster > > -- Alex Damian Yocto Project SSG / OTC
-- _______________________________________________ toaster mailing list [email protected] https://lists.yoctoproject.org/listinfo/toaster
