Thanks Danushka .. It was the workaround I did - map the Cassandra's permissions to our permissions and then check authority for performing those actions on a given resource by a particular user.
On Sat, Jan 22, 2011 at 10:43 AM, Danushka Menikkumbura <danus...@wso2.com>wrote: > AFAIK there is a fixed set of actions (read, write, authorize, etc) that > you can perform on resource. They are defined in a static class which I can > not find right now :-(. What you need to do is check if each of them is > allowed on a given resource. > > Danushka > > > On Sat, Jan 22, 2011 at 10:03 AM, Indika Kumara <ind...@wso2.com> wrote: > >> Yes, What I needed was to get the all actions (permissions) a user can do >> with a given resource. As per now, I decided going for a workaround. I will >> prepare a document by the time of reviewing of this POC, including the >> improvements/changes required at the Cassandra (some are already discussed >> in the Cassandra' mailing list), options for leveraging it our products, and >> so on. >> >> BTW, In the Cassandra's security model, a user has a set of groups and >> each group has roles >> >> Thanks, >> >> Indika >> >> On Sat, Jan 22, 2011 at 10:12 AM, Sanjiva Weerawarana >> <sanj...@wso2.com>wrote: >> >>> IMO these API calls still don't give what Indika is looking for - he's >>> asking how can I find out what a person can do. This model allows you to >>> find the list of roles a person is in and then ask whether that roles is >>> authorized to do X, Y, Z. However what he's looking for is list of all X, Y >>> and Zs. >>> >>> Sanjiva. >>> >>> >>> On Fri, Jan 21, 2011 at 10:24 PM, Dimuthu Leelarathne <dimut...@wso2.com >>> > wrote: >>> >>>> Hi, >>>> >>>> Since this is a POC we can do this. >>>> >>>> First we can call >>>> -public String[] getRoleListOfUser(String userName) throws >>>> UserStoreException in UserStoreManager >>>> Then we can call the following function for all possible combinations. >>>> -public boolean isRoleAuthorized(String roleName, String resourceId, >>>> String action) >>>> throws UserStoreException; >>>> >>>> Thanks, >>>> Dimuthu >>>> >>>> >>>> On Fri, Jan 21, 2011 at 10:18 PM, Indika Kumara <ind...@wso2.com>wrote: >>>> >>>>> Thanks Dimuthu.. >>>>> >>>>> BTW, what would be the best solution (may be a workaround) - get the >>>>> roles associated with a given user and then the permissions for roles. >>>>> >>>>> Thanks, >>>>> >>>>> Indika >>>>> >>>>> >>>>> On Fri, Jan 21, 2011 at 10:44 PM, Dimuthu Leelarathne < >>>>> dimut...@wso2.com> wrote: >>>>> >>>>>> Hi, >>>>>> >>>>>> On Fri, Jan 21, 2011 at 10:12 PM, Indika Kumara <ind...@wso2.com>wrote: >>>>>> >>>>>>> HI Dimuthu, >>>>>>> >>>>>>> My questions was different ... I needed to get all permissions >>>>>>> associated with a given user for a given resource. >>>>>>> >>>>>>> Something like >>>>>>> >>>>>>> public Permission[] getAllowedPermissions(String username, String >>>>>>> resourceParth) >>>>>>> >>>>>>> The Cassandra's authorization API requires that. >>>>>>> >>>>>>> >>>>>> Sorry misread your mail. >>>>>> >>>>>> Yes can be done. But user permissions are being deprecated. >>>>>> >>>>>> Thanks, >>>>>> Dimuthu >>>>>> >>>>>> >>>>>>> Thanks, >>>>>>> >>>>>>> Indika >>>>>>> >>>>>>> >>>>>>> >>>>>>> On Fri, Jan 21, 2011 at 10:33 PM, Dimuthu Leelarathne < >>>>>>> dimut...@wso2.com> wrote: >>>>>>> >>>>>>>> Hi, >>>>>>>> >>>>>>>> There is a method like this in AuthorizationManager. >>>>>>>> >>>>>>>> public String[] getExplicitlyDeniedUsersForResource(String >>>>>>>> resourceId, String action) >>>>>>>> throws UserStoreException; >>>>>>>> >>>>>>>> public String[] getExplicitlyAllowedUsersForResource(String >>>>>>>> resourceId, String action) >>>>>>>> throws UserStoreException; >>>>>>>> >>>>>>>> However these methods are deprecated since we plan to use role based >>>>>>>> permissions. >>>>>>>> >>>>>>>> thanks, >>>>>>>> dimuthu >>>>>>>> >>>>>>>> On Fri, Jan 21, 2011 at 9:44 PM, Indika Kumara <ind...@wso2.com>wrote: >>>>>>>> >>>>>>>>> Hi All, >>>>>>>>> >>>>>>>>> Could I get the all permission (or actions) allowed for a given >>>>>>>>> user to a given resource - something like getAllowedPermissions(String >>>>>>>>> username, String resourceParth)? I cannot find a method in the >>>>>>>>> 'AuthorizationManager'. >>>>>>>>> >>>>>>>>> Could someone help me on this matter? >>>>>>>>> >>>>>>>>> Thanks, >>>>>>>>> >>>>>>>>> Indika >>>>>>>>> >>>>>>>>> _______________________________________________ >>>>>>>>> Carbon-dev mailing list >>>>>>>>> Carbon-dev@wso2.org >>>>>>>>> https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>>>> _______________________________________________ >>>>>>>> Carbon-dev mailing list >>>>>>>> Carbon-dev@wso2.org >>>>>>>> https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>>>>>>> >>>>>>>> >>>>>>> >>>>>>> _______________________________________________ >>>>>>> Carbon-dev mailing list >>>>>>> Carbon-dev@wso2.org >>>>>>> https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>>>>>> >>>>>>> >>>>>> >>>>>> _______________________________________________ >>>>>> Carbon-dev mailing list >>>>>> Carbon-dev@wso2.org >>>>>> https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>>>>> >>>>>> >>>>> >>>>> _______________________________________________ >>>>> Carbon-dev mailing list >>>>> Carbon-dev@wso2.org >>>>> https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>>>> >>>>> >>>> >>>> _______________________________________________ >>>> Carbon-dev mailing list >>>> Carbon-dev@wso2.org >>>> https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>>> >>>> >>> >>> >>> -- >>> Sanjiva Weerawarana, Ph.D. >>> Founder, Chairman & CEO; WSO2, Inc.; http://wso2.com/ >>> email: sanj...@wso2.com; phone: +94 11 763 9614; cell: +94 77 787 6880 | >>> +1 650 265 8311 >>> blog: http://sanjiva.weerawarana.org/ >>> >>> Lean . Enterprise . Middleware >>> >>> _______________________________________________ >>> Carbon-dev mailing list >>> Carbon-dev@wso2.org >>> https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>> >>> >> >> _______________________________________________ >> Carbon-dev mailing list >> Carbon-dev@wso2.org >> https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >> >> > > _______________________________________________ > Carbon-dev mailing list > Carbon-dev@wso2.org > https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev > >
_______________________________________________ Carbon-dev mailing list Carbon-dev@wso2.org https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev
