[aerogear-dev] [Unified Push Server] Roles structure & password management

Sebastien Blanc scm.blanc at gmail.com
Thu Oct 17 10:13:54 EDT 2013 

On Thu, Oct 17, 2013 at 3:44 PM, Matthias Wessendorf <matzew at apache.org>wrote:

> any corp. org. may want some with just read-only access;
> The project lead is allowed to update the keys etc, but all the /normal/
> developers can just see the IDs/secrets (so that they can use it in their
> server apps).
>

This is also an interesting point, at some point don't we want the "read"
rights limited to a single/set of pushapps or even a level deeper based on
variants ?
Maybe in a big company, Bob the slacker intern has read access for his
supracool push app but also has access to the Public Relation Push App
 keys ...



> I guess that's not really (at least for me) closely related to a 'test via
> admin ui' feature
>
> -M
>
>
> On Thu, Oct 17, 2013 at 3:39 PM, Corinne Krych <corinnekrych at gmail.com>wrote:
>
>> Not sure about the role: user.
>>
>> What will be the use case for this one?
>> One use case, I see is if the 'user' is a tester. If we had the feature
>> to send push notification test via admin UI (as we discussed in [1] and
>> [2]).
>>
>> ++
>> Corinne
>> [1]
>> http://aerogear-dev.1069024.n5.nabble.com/aerogear-dev-Push-Server-Admin-UI-td2678.html#a2718
>> [2] https://issues.jboss.org/browse/AGPUSH-38
>>
>> On Oct 17, 2013, at 3:09 PM, Matthias Wessendorf <matzew at apache.org>
>> wrote:
>>
>> >
>> >
>> >
>> > On Thu, Oct 17, 2013 at 2:54 PM, Sebastien Blanc <scm.blanc at gmail.com>
>> wrote:
>> >
>> >
>> >
>> > On Thu, Oct 17, 2013 at 2:35 PM, Lucas Holmquist <lholmqui at redhat.com>
>> wrote:
>> >
>> > On Oct 15, 2013, at 11:14 AM, Sebastien Blanc <scm.blanc at gmail.com>
>> wrote:
>> >
>> >> So for the next Unified Push Release (0.9) it would be nice if we
>> could have some decent User Management, so I'm bumping this thread again.
>> >> Some existing pointer :
>> >>
>> >> -   this thread :)
>> >> -  https://issues.jboss.org/browse/AGPUSH-351
>> >> -  https://gist.github.com/sebastienblanc/6547605
>> >>
>> >> First point to define is :
>> >> -  What roles do we want ? And what can these Roles do ?
>> >
>> > Admin - Can do all things including creating other users
>> > Developer - can create apps and such. no access to the user management
>> UI
>> > User - read only - not sure if this one is needed
>> > Yes, not sure also but why not ? Could be useful for a monitoring
>> app/RHQ plugin that just want to retrieve the list of active pushapps ...
>> >
>> >
>> > +1 - I like these three different roles, including their rights
>> >
>> >
>> >
>> >
>> >> -  How can these Roles be created (granted ...)
>> >> -  Design
>> >
>> > I think we are still waiting on Hylke for this?   not sure
>> >
>> >>
>> >> Seb
>> >>
>> >>
>> >>
>> >> On Tue, Sep 17, 2013 at 2:07 PM, Matthias Wessendorf <
>> matzew at apache.org> wrote:
>> >>
>> >>
>> >>
>> >> On Tue, Sep 17, 2013 at 2:04 PM, Apostolos Emmanouilidis <
>> aemmanou at redhat.com> wrote:
>> >> Following the discussion on GitHub [1], here are some points to be
>> >> discussed about the user management flow:
>> >>
>> >> - Does it make sense to add a role select field (admin, developer) on
>> >> the enrollment page?
>> >>
>> >> hrm, and (perhaps later) a section where to define the roles ? I think
>> it's a good point, but not sure we need all this 'now' :-)
>> >>
>> >> - Should we add an additional password field (password confirmation) on
>> >> the enrollment page?
>> >>
>> >> yeah, would be nice
>> >>
>> >> - I think that the current logged in user shouldn't be available for
>> >> deletion
>> >>
>> >> yep, I agree
>> >>
>> >> [1]:
>> >>
>> https://github.com/aerogear/aerogear-unifiedpush-server-admin-ui/pull/6
>> >>
>> >>
>> >>
>> >> On Fri, 2013-09-13 at 10:15 +0200, Sebastien Blanc wrote:
>> >> > A Jira has been created https://issues.jboss.org/browse/AGPUSH-351
>> >> > And draft structure has been created
>> >> > here https://gist.github.com/sebastienblanc/6547605 that can be used
>> >> > as base for the Pull Request.
>> >> >
>> >> >
>> >> > On Fri, Sep 13, 2013 at 5:53 AM, Douglas Campos <qmx at qmx.me> wrote:
>> >> >         On Thu, Sep 12, 2013 at 09:39:28AM -0300, Bruno Oliveira
>> >> >         wrote:
>> >> >         > Would be nice to have a 8 hands document on it
>> >> >
>> >> >
>> >> >         who's going to start the pull request on it? it's SPECTIME!
>> >> >
>> >> >         --
>> >> >         qmx
>> >> >         _______________________________________________
>> >> >         aerogear-dev mailing list
>> >> >         aerogear-dev at lists.jboss.org
>> >> >         https://lists.jboss.org/mailman/listinfo/aerogear-dev
>> >> >
>> >> >
>> >> >
>> >> > _______________________________________________
>> >> > aerogear-dev mailing list
>> >> > aerogear-dev at lists.jboss.org
>> >> > https://lists.jboss.org/mailman/listinfo/aerogear-dev
>> >>
>> >>
>> >> _______________________________________________
>> >> aerogear-dev mailing list
>> >> aerogear-dev at lists.jboss.org
>> >> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>> >>
>> >>
>> >>
>> >> --
>> >> Matthias Wessendorf
>> >>
>> >> blog: http://matthiaswessendorf.wordpress.com/
>> >> sessions: http://www.slideshare.net/mwessendorf
>> >> twitter: http://twitter.com/mwessendorf
>> >>
>> >> _______________________________________________
>> >> aerogear-dev mailing list
>> >> aerogear-dev at lists.jboss.org
>> >> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>> >>
>> >> _______________________________________________
>> >> aerogear-dev mailing list
>> >> aerogear-dev at lists.jboss.org
>> >> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>> >
>> >
>> > _______________________________________________
>> > aerogear-dev mailing list
>> > aerogear-dev at lists.jboss.org
>> > https://lists.jboss.org/mailman/listinfo/aerogear-dev
>> >
>> >
>> > _______________________________________________
>> > aerogear-dev mailing list
>> > aerogear-dev at lists.jboss.org
>> > https://lists.jboss.org/mailman/listinfo/aerogear-dev
>> >
>> >
>> >
>> > --
>> > Matthias Wessendorf
>> >
>> > blog: http://matthiaswessendorf.wordpress.com/
>> > sessions: http://www.slideshare.net/mwessendorf
>> > twitter: http://twitter.com/mwessendorf
>> > _______________________________________________
>> > aerogear-dev mailing list
>> > aerogear-dev at lists.jboss.org
>> > https://lists.jboss.org/mailman/listinfo/aerogear-dev
>>
>>
>> _______________________________________________
>> aerogear-dev mailing list
>> aerogear-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>>
>
>
>
> --
> Matthias Wessendorf
>
> blog: http://matthiaswessendorf.wordpress.com/
> sessions: http://www.slideshare.net/mwessendorf
> twitter: http://twitter.com/mwessendorf
>
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/aerogear-dev/attachments/20131017/730419d3/attachment-0001.html

More information about the aerogear-dev mailing list