[katello-devel] Updated Permission matrix
Partha Aji
paji at redhat.com
Mon Jul 18 21:51:35 UTC 2011
----- Original Message -----
> From: "Lukas Zapletal" <lzap at redhat.com>
> To: katello-devel at redhat.com
> Sent: Monday, July 18, 2011 4:07:04 AM
> Subject: Re: [katello-devel] Updated Permission matrix
> On 07/16/2011 01:45 AM, Partha Aji wrote:
> > 1) User:Organization - The permission matrix had this assumption
> > that a user was tied to at least one organization. I always thought
> > this was the case but want more clarity on this.
>
> This was incorrect assumption. A user can be tied to (0..n)
> organizations using permissions (his own role). There will be no
> User-Org database relationship at all.
>
I know the model allows it. But does the existence of such a user make sense ?
I mean what can a user who is part of no org do?
OR are you trying to say that Whoever has the authority to manage , as in the Creator
of the user Foo can setup the "self role" of user Foo in such a way that Foo can access specific organizations ?
In that case we would not want Foo be able to edit his own 'self-role' permissions right ???
> > 2) Role:Organization - I assume Role was scoped to an org. But how
> > do we solve the issue of giving a role in which a User with that
> > role will be able to update multiple organizations?
>
> The above should explain this case. A user (or role) can be assigned
> to
> multiple organizations.
>
>
> --
> Later,
>
> Lukas Zapletal | E32E400A
> RHN Satellite Engineering
> Red Hat Czech s.r.o. Brno
>
> _______________________________________________
> katello-devel mailing list
> katello-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/katello-devel
More information about the katello-devel
mailing list