Hmm

A simple numbering system is dangerous. Between the GET and the DELETE,
rules may have been added. Deleting the wrong rule may be a consequence.
Using an MD5 checksum would be a solution, like

/security/acl/layers/7AC93B1A17731D9EA925EB13C0CF3BCC

This is the MD5 sum for *.*.r

I hope to get some additional input from Justin.

Cheers
Christian




On Sat, Oct 18, 2014 at 4:00 PM, Andrea Aime <andrea.a...@geo-solutions.it>
wrote:

> On Sat, Oct 18, 2014 at 2:44 PM, Christian Mueller <
> christian.muel...@os-solutions.at> wrote:
>
>> Hi Andrea
>>
>> Thanks for the hint about the DELETE method. I think it is not forbidden
>> to add a request body to a delete request, but it seems to be a bad
>> practice.
>>
>>
>> http://www.spenceruresk.com/2011/11/http-delete-requests-that-include-a-body/
>>
>> Maybe we can encode the rule keys as a comma separated list using a URL
>> parameter.
>>
>> /security/acl/layers?rules=*.*.r,*.*.w
>>
>
> Hum could be, but I think I'd associate some sort of identifier to the
> rules, and use that instead,
> and would still expose resources like /security/acl/layers/1,
> /security/acl/layers/2 that you
> can issue a DELETE against, yes it's chatty, but it's also the idiomatic
> way in REST services
>
> Cheers
> Andrea
>



-- 
DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH
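
Added example, not part of the original thread and not GeoServer code: a small in-memory model of the GET-then-DELETE race discussed above, comparing a positional id with an id derived from the rule key via MD5. The sample rules, the role names and the assumption that a numeric id is the rule's position in the listing are constructed for illustration.

```python
import hashlib


def sample_rules():
    # Constructed sample ACL: (rule key, role), keys in the form used in the thread.
    return [("*.*.r", "*"), ("topp.*.w", "ROLE_EDITOR"), ("*.*.w", "ROLE_ADMIN")]


def rule_id(key):
    """Content-derived identifier: upper-case hex MD5 of the rule key.
    MD5 serves only as a stable name here, not as a security control."""
    return hashlib.md5(key.encode("utf-8")).hexdigest().upper()


def delete_by_position(rules, position):
    """Models DELETE /security/acl/layers/<n>, n assumed to be a 1-based position."""
    return rules.pop(position - 1)[0]


def delete_by_digest(rules, digest):
    """Models DELETE /security/acl/layers/<md5>; None stands for a 404."""
    for i, (key, _role) in enumerate(rules):
        if rule_id(key) == digest:
            return rules.pop(i)[0]
    return None


def race(delete, make_id):
    """Client A lists the rules, client B adds one, then A deletes '*.*.w'
    using the identifier it saw in its own (now stale) listing."""
    rules = sample_rules()
    listing = {key: make_id(pos, key)
               for pos, (key, _role) in enumerate(rules, start=1)}   # A: GET
    rules.insert(0, ("sf.roads.r", "ROLE_VIEWER"))                   # B: concurrent add
    removed = delete(rules, listing["*.*.w"])                        # A: DELETE
    return removed, [key for key, _role in rules]


if __name__ == "__main__":
    print("positional id:", race(delete_by_position, lambda pos, key: pos))
    print("digest id:    ", race(delete_by_digest, lambda pos, key: rule_id(key)))
```

With the positional id the stale request removes a different rule than the one the client selected; with the digest it either removes the intended rule or finds nothing to delete.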