Matthias Wessendorf wrote:
If it can be made for the next release I would say let's keep it simple for now, 3 roles:
- admin: can do all the CRUD operations + creating/deleting users
- developer: can do all the CRUD operations
- simple: can just do read operations

+1, and oversimplifying here, I would remove "simple". If people can only read, send them a PDF :)

The default user (admin/123) should have the "admin" role.
Users created by the admin can have the role developer or simple

Probably, if the server is still using the interceptor, it must support multiple roles. What should I do in the following situations?
- Delete ALL the things Endpoint annotated with developer and simple:
Logged in user has only the simple role and is not a developer. Should I
allow them to delete?

Users created by the admin will have the default 123 password to be
changed the first time they log in.

I think it was already solved on unified push server, no?

But!
The big question remains around design: how to design that?

Push the code and we refactor/improve/change it.

Seb
--
abstractj
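
The multi-role question raised in the thread, worked through as an added example (not part of the original messages and not the project's code): it evaluates the doubly annotated delete endpoint under any-of matching, all-of matching, and any-of matching combined with the per-role rights listed in the proposal. The decorator, function names and the `manage_users` label are hypothetical.

```python
# Added illustration: role names and their rights come from the thread;
# the decorator, function names and "manage_users" label are hypothetical.
CRUD = frozenset({"create", "read", "update", "delete"})
ROLE_RIGHTS = {
    "admin": CRUD | {"manage_users"},
    "developer": CRUD,
    "simple": frozenset({"read"}),
}

def endpoint(operation, roles):
    """Stand-in for a role annotation: attach metadata to a handler."""
    def mark(handler):
        handler.operation = operation
        handler.allowed_roles = frozenset(roles)
        return handler
    return mark

@endpoint("delete", roles=("developer", "simple"))
def delete_all_the_things():
    return "deleted"

def role_match(user_roles, handler, mode):
    """mode='any': one listed role suffices; mode='all': every listed role is required."""
    user_roles = frozenset(user_roles)
    if mode == "any":
        return bool(user_roles & handler.allowed_roles)
    if mode == "all":
        return handler.allowed_roles <= user_roles
    raise ValueError(f"unknown mode: {mode}")

def has_right(user_roles, handler):
    """True if at least one of the user's roles grants the handler's operation."""
    return any(handler.operation in ROLE_RIGHTS.get(r, frozenset()) for r in user_roles)

def intercept(user_roles, handler, mode="any", check_rights=True):
    """Interceptor decision: role match, optionally combined with the rights table."""
    if not role_match(user_roles, handler, mode):
        return False
    return has_right(user_roles, handler) if check_rights else True

def scenario(user_roles):
    """Outcomes for one user against the doubly annotated delete endpoint."""
    h = delete_all_the_things
    return {
        "any_of": intercept(user_roles, h, "any", check_rights=False),
        "all_of": intercept(user_roles, h, "all", check_rights=False),
        "any_of_plus_rights": intercept(user_roles, h, "any", check_rights=True),
    }
```

With role lists alone, an admin is denied on this endpoint because "admin" is not among the listed roles; nothing in a flat list implies a hierarchy.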