On 10/8/13 3:23 PM, "Darren Shepherd" <[email protected]> wrote:
>I would like to largely remove commands.properties. I think most API >commands naturally have a default ACL that should be applied. I think >it makes sense to add to the @APICommand flags for user, domain, >admin. Then, as an override mechanism, people can edit >commands.properties to change the default ACL. This would make it >such that people could add new commands without the need to edit >commands.properties. > >Thoughts? How will this play with whatever is being done with rbac? > >Darren > Darren, what if admin wants to disable certain API command, how does he do it with this new approach?
