According to the chat I had with Johann, we have came up with this model.
Basically as per now in C4 we don't have a way to add a permission
dynamically, and similar requirement has been raised in IS as well and they
have come up with this model.
The main reason for this is, there might be some dashboard that you are
working on and want to share between some users and grant some privileges.
It's not doable with global permission, bcz having an edit permission for
say sales dashboard doesn't mean you have the permission for admin
dashboard. Therefore this needs to be controlled per dashboard, not
globally.
Thanks,
Sinthuja.
On Tue, Jun 7, 2016 at 11:12 AM, Sriskandarajah Suhothayan <s...@wso2.com>
wrote:
> Why are we not using different permissions for each dashboard than using
> roles. I believe using permissions will be more scalable than using roles.
> WDYT?
>
> Regards
> Suho
>
> On Tue, Jun 7, 2016 at 2:38 PM, Nisala Nanayakkara <nis...@wso2.com>
> wrote:
>
>> Hi Udara,
>>
>> Since these are internal roles, they are not stored in LDAP. So it will
>> work fine.
>>
>> Thanks,
>> Nisala
>>
>> On Tue, Jun 7, 2016 at 10:57 AM, Udara Rathnayake <uda...@wso2.com>
>> wrote:
>>
>>> Another question, Is this going to work if we have to connect to a
>>> read-only LDAP/A
>>> D
>>> userstore?
>>>
>>> On Tue, Jun 7, 2016 at 9:43 AM, Tanya Madurapperuma <ta...@wso2.com>
>>> wrote:
>>>
>>>> Is this model scalable? Because per dashboard we will have to create 4
>>>> internal roles. So if we have N number of dashboards we will end up having
>>>> 4 * N number of internal roles.
>>>>
>>>> @ IS team : is this approach fine? Or is there any better approach?
>>>>
>>>> Thanks,
>>>> Tanya
>>>>
>>>> On Mon, Jun 6, 2016 at 3:44 PM, Nisala Nanayakkara <nis...@wso2.com>
>>>> wrote:
>>>>
>>>>> adding Johan and Manuranga
>>>>>
>>>>> Thanks,
>>>>> Nisala
>>>>>
>>>>> On Mon, Jun 6, 2016 at 3:41 PM, Nisala Nanayakkara <nis...@wso2.com>
>>>>> wrote:
>>>>>
>>>>>> Hi all,
>>>>>>
>>>>>> I am working on implementing an access levels model for WSO2
>>>>>> Dashboard Server. Currently global permission model for
>>>>>> create/delete/login
>>>>>> is implemented by Megala. Since it does not support to provide per
>>>>>> dashboard level access for the users. I am going to extend it and
>>>>>> implement
>>>>>> a permission model that can be used to provide per dashboard level access
>>>>>> for the users.
>>>>>>
>>>>>> In order to implement this feature, I am going to add four roles at
>>>>>> dashboard creation time as follows,
>>>>>>
>>>>>> - internal/dashboard/{dashboardID}/editor
>>>>>> - internal/dashboard/{dashboardID}/viewer
>>>>>> - internal/dashboard/{dashboardID}/settings
>>>>>> - internal/dashboard/{dashboardID}/delete
>>>>>>
>>>>>> At the dashboard creation time, the user who creates the dashboard
>>>>>> will get all the four roles. But other users have to get above roles to
>>>>>> do
>>>>>> appropriate actions to the dashboard. So that we can set above four roles
>>>>>> for the users and They will be given different access levels according to
>>>>>> their roles.
>>>>>>
>>>>>> Please feel free to give any feedback.
>>>>>>
>>>>>> Thanks,
>>>>>> Nisala
>>>>>> --
>>>>>> *Nisala Niroshana Nanayakkara,*
>>>>>> Software Engineer
>>>>>> Mobile:(+94)717600022
>>>>>> WSO2 Inc., http://wso2.com/
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> *Nisala Niroshana Nanayakkara,*
>>>>> Software Engineer
>>>>> Mobile:(+94)717600022
>>>>> WSO2 Inc., http://wso2.com/
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> Tanya Madurapperuma
>>>>
>>>> Senior Software Engineer,
>>>> WSO2 Inc. : wso2.com
>>>> Mobile : +94718184439
>>>> Blog : http://tanyamadurapperuma.blogspot.com
>>>>
>>>
>>>
>>>
>>> --
>>> Regards,
>>> UdaraR
>>>
>>
>>
>>
>> --
>> *Nisala Niroshana Nanayakkara,*
>> Software Engineer
>> Mobile:(+94)717600022
>> WSO2 Inc., http://wso2.com/
>>
>> _______________________________________________
>> Architecture mailing list
>> Architecture@wso2.org
>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>>
>>
>
>
> --
>
> *S. Suhothayan*
> Technical Lead & Team Lead of WSO2 Complex Event Processor
> *WSO2 Inc. *http://wso2.com
> * <http://wso2.com/>*
> lean . enterprise . middleware
>
>
> *cell: (+94) 779 756 757 <%28%2B94%29%20779%20756%20757> | blog:
> http://suhothayan.blogspot.com/ <http://suhothayan.blogspot.com/>twitter:
> http://twitter.com/suhothayan <http://twitter.com/suhothayan> | linked-in:
> http://lk.linkedin.com/in/suhothayan <http://lk.linkedin.com/in/suhothayan>*
>
> _______________________________________________
> Architecture mailing list
> Architecture@wso2.org
> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>
>
--
*Sinthuja Rajendran*
Technical Lead
WSO2, Inc.:http://wso2.com
Blog: http://sinthu-rajan.blogspot.com/
Mobile: +94774273955
_______________________________________________
Architecture mailing list
Architecture@wso2.org
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
