Dave,
1. Yes, the "proposed" roles are default roles that will be seeded with TO.
The idea is that you can use those roles or create your own.
2. Really, there should be no need to CRUD capabilities. for example, the
ds-read capability should always include the GET /api/deliveryservices and
GET /
This sounds great Jeremy, looking forward to it getting implemented. A few
things though:
1) The "proposed roles" are really just "default roles" right? Meaning we
will provide a way to create new roles and assign capabilities to them?
2) We will provide a way to CRUD capabilities, correct?
3) I
There has been some discussion for quite some time regarding an overhaul of
the TO access control model. I'd like to refresh eveyone's memory on that
discussion.
*Current system:*
Since the beginning, resources (or routes (UI and API)) have been locked
down by role, or more specifically, privile