[katello-devel] Current roles/permissions in the seeds file
Bryan Kearney
bkearney at redhat.com
Mon May 16 20:44:29 UTC 2011
I put in the facts table from SAM, and I noticed that I needed to add a
role/permission to the seed data for this to work. Here is the diff:
-Role.allow 'admin_role', { :systems => [:index, :create, :new, :edit,
:show, :update, :destroy,:packages, :subscriptions,:update_subscriptions]
+Role.allow 'admin_role', { :systems => [:index, :create, :new, :edit,
:show, :update, :destroy,:packages,
:subscriptions,:update_subscriptions, :facts]
Can I assume that we want to move away from UI centric permission such
as this? I would assume that we would put
:systems => :read
around the following controller actions:
:show, :subscriptions, :facts
To do this, we would need to change how the ApplicationController works,
but it will move us to more business permissions which work across the
CLI and the UI. Is this correct, or off base?
-- bk
More information about the katello-devel
mailing list