Re: [gatein-dev] Initial commit on API implementation
On Jul 12, 2011, at 3:50 PM, Matt Wringe wrote:
So looking into the REST part of the api, I have a few questions
here
with the design of the API:
1) Does the API assume that only a superuser is ever going to use it, or
does it assume that other logged in (or unauthenticated) users will be
using it as well?
Ie I want to create a navigation/menu portlet. If I retrieve the nodes,
will I get only the nodes I have permission to view, or do I have to
retrieve them all and manually filter out the ones I don't have
permission to access?
It makes more sense for the rest service to only return elements the
user has permission to access, but we can filter that on the rest side
if needed.
The current API takes the point of view that whoever is calling into it has administrative
rights.
2) Are we still going to be using java resources for internalization?
I have no idea on this… :/
Cordialement / Best,
Chris
==
Principal Software Engineer / JBoss Enterprise Middleware Red Hat, Inc.
Follow GateIn: http://blog.gatein.org / http://twitter.com/gatein
Follow me: http://metacosm.info/metacosm / http://twitter.com/metacosm