[aerogear-dev] Aerogear-Controller demo with different roles / thoughs on AG-sec

Bruno Oliveira bruno at abstractj.org
Wed Dec 12 14:19:53 EST 2012 

Howdy, answers inline.
--
"The measure of a man is what he does with power" - Plato
-
@abstractj
-
Volenti Nihil Difficile
On Wednesday, December 12, 2012 at 12:36 PM, Sebastien Blanc wrote:
> Hi,
> For Jira https://issues.jboss.org/browse/AEROGEAR-657 I've been playing and hacking a bit, for now that's the result :
> 
> (you can log in with admin priviliges with admin/admin)
> http://agcontrollerdemo-sblanc.rhcloud.com/aerogear-controller-demo (http://agcontrollerdemo-sblanc.rhcloud.com/aerogear-controller-demo/admin)
> 
> This demo show the usage of 2 different types of roles :
> - Simple user can just login/register.

+1
> - Admin can register other users and see a list of registerd users.
I'd suggest nothing huge, but admin could be able to add/remove users.
> 
> 
> When diving into AG-Security, here are some remarks that we can discuss on this thread :
> - The current API is very lean : login, logout, grant

That's the idea, keep it clean.
> 
> - For the demo, I've added a new method getAuthenticatedUsers() but what about adding some others methods to be able to do some CRUD action :
> 
> * getUser
> * deleteUser
> * updateUser

Might be a good idea or another alternative could be just expose the provider via WhateverClass and let our developers do it by yourselves. From API usability perspective I'm not sure what is our best alternative.
I'm +1 for prototype the API and post the suggestions here.
> 
> I'm also missing a method to retrieve the role of a user, so just a simple : getRole
In which scenario do we need it?
> 
> I've also another remark : when registering a new user, we put him by default in a group called "default user group", maybe we want to make it a bit more flexible by providing a group ?
+1
> 
> 
> Questions and remarks are welcome !
> 
> Seb
Feel free to gist your proposal or send PRs.
> 
> 
> 
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev at lists.jboss.org (mailto:aerogear-dev at lists.jboss.org)
> https://lists.jboss.org/mailman/listinfo/aerogear-dev

More information about the aerogear-dev mailing list