[Freeipa-devel] [PATCH] 028 Code cleanup of HBAC, Sudo rules

[Adam Young]

On 10/27/2011 08:55 PM, Endi Sukma Dewata wrote:
> On 10/27/2011 6:39 PM, Adam Young wrote:
>>> We might need to distinguish 2 different usages of 'entity'. The first
>>> one represents a collection of entries:
>>
>> Call that an instance. Entity is the term that is the analogue of Class
>
> Not sure I understand correctly. You mean entity is a class which is a 
> collection, similar to a table in database? And instance is an object 
> or individual entry or row in a table?
Yes, that is a pretty good analogy.
>> So we want to distinguish getting the primary key field for the entity,
>> as opposed to the primary key of the instance.
>
> From the URL we want to get the primary key for a particular 
> instance/object to show in the detail page.
Yes.  In a RESTful  scheme it would be /IPA/entities/users/ayoung  to 
get my user object
>
>>> The IPA.client will represent a connection to the IPA server. In a
>>> browser IPA.client can only connect to the server it's loaded from:
>>>
>>> var client = IPA.client();
>>>
>>> but in a JS engine like Rhino the IPA.client can connect to any IPA
>>> server:
>>>
>>> var client = IPA.client('ipa.example.com');
>>
>> This will work now, but you will not be able to see the results of the
>> command. Integrations like this are how the Like buttons from Facebook
>> work. Cross site posting is tricky, but permitted, and might be useful
>> in some cases. Possibly we should call it connection.
>
> The second code is not supposed to be used inside a browser. This is 
> suppose you're writing a JS script running in Rhino, you need to 
> specify the IPA server you're connecting to. I haven't tried this, but 
> I suppose in Rhino we will be able to set the Referer to match the 
> server name.
>
> I'd rather call it IPA.client because it will do other things too, not 
> just connection.
>