[katello-devel] Four default roles
Lukas Zapletal
lzap at redhat.com
Fri Jul 1 13:33:06 UTC 2011
On 07/01/2011 03:28 PM, Brad Buckingham wrote:
> Right now, it seems we have the following types of roles:
> - user defined (e.g. created in Roles UI)
> - self-role - internally created/destroyed, but permissions CRUD
> supported through user
> - internal role - roles needed by katello to support things like candlepin
>
> Do we also envision a need in the future for an internal role (one that
> is created/destroyed by katello (not the user)) and that should be
> viewable from the Role UI (read-only)?
Well self roles are here to support creating permission on remote (REST)
resources. When "bob" creates repo in Pulp, he has permission for it
(for the tag in our database).
I can envision a situation when administrator need to correct the
special case. But for normal operations this could never happen (only
for disaster recovery etc.)
I guess two-state flag (hidden/not hidden) is enough for us.
--
Later,
Lukas Zapletal | E32E400A
RHN Satellite Engineering
Red Hat Czech s.r.o. Brno
More information about the katello-devel
mailing list