[jira] [Commented] (AIRAVATA-2232) All SSH keys generated by a gateway admin are listed in user's settings --> credential store

Mon, 21 Nov 2016 14:20:15 -0800 

    [ 
https://issues.apache.org/jira/browse/AIRAVATA-2232?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15684914#comment-15684914
 ] 

Marcus Christie commented on AIRAVATA-2232:
-------------------------------------------

Here's my proposal:
* Add a CredentialOwnerType enum to the credential store data models
{noformat}
enum CredentialOwnerType {
  GATEWAY,
  USER
}
struct SSHCredential {
    1: required string gatewayId,
    2: required string username,
    3: optional string passphrase,
    4: optional string publicKey,
    5: optional string privateKey,
    6: optional i64 persistedTime,
    7: optional string token,
    8: optional string description,
    9: optional CredentialOwnerType credentialOwnerType
}
{noformat}
* Update API method {{generateAndRegisterSSHKeys}} to also take this enum
** also update {{generateAndRegisterSSHKeysWithDescription}} likewise
** Question: any reason why we couldn't combine {{generateAndRegisterSSHKeys}} 
and {{generateAndRegisterSSHKeysWithDescription}}? Thrift should be good at 
handling adding new fields.
** maybe something like
{noformat}
string generateAndRegisterSSHKeys (1: required security_model.AuthzToken 
authzToken,
                2: required string gatewayId,
                3: required string userName,
                4: optional string description,
                5: optional CredentialOwnerType credentialOwnerType)
        throws (1: airavata_errors.InvalidRequestException ire,
                2: airavata_errors.AiravataClientException ace,
                3: airavata_errors.AiravataSystemException ase)
{noformat}
* Update {{getAllGatewaySSHPubKeys}} and {{getAllGatewaySSHPubKeysSummary}} to 
only return GATEWAY owned credentials
* Update {{getAllSSHPubKeysSummaryForUserInGateway}} to only return USER owned 
credentials



> All SSH keys generated by a gateway admin are listed in user's settings --> 
> credential store
> --------------------------------------------------------------------------------------------
>
>                 Key: AIRAVATA-2232
>                 URL: https://issues.apache.org/jira/browse/AIRAVATA-2232
>             Project: Airavata
>          Issue Type: Bug
>          Components: Airavata System, PGA PHP Web Gateway
>         Environment: dev.seagrid.org
>            Reporter: Eroma
>            Assignee: Marcus Christie
>
> Gateway admins generates SSH keys for the gateway, to be used in community 
> account usage. Also admins will generate SSH keys to be used with their own 
> user settings for compute resources.
> All these keys are listed under users own credential store. Users own 
> crendetial store should only have keys generated for own resource logins. 
> This is through User settings in PGA.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to