[katello-devel] Permissions for distributions
Lukas Zapletal
lzap at redhat.com
Tue Jan 3 11:34:20 UTC 2012
Hello,
during API permissions review I have found out distribution permissions
are not implemented in UI, so I started working on it.
Our JS code requests information about distributions using the following
route:
/distributions/:id
The permission rule should be "distribution info is readable if product
this distribution/repository belongs to is also readable".
Now, there is one snag. Since Katello does not have any distribution
model class and Pulp is not able to provide what repository this
distribution belongs to, we would need to change the route to:
/repositories/:repository_id/distributions/:id
So the controller code would be able to fetch repository/product and
check permissions. Lemme call this one as option A.
Another option (B) would be to ask Pulp guys to add repository id to the
distribution JSON output, so Katello would be able to retrieve it's
"parent" model class and check permissions on it.
As I expect more such scenarios, I would like to read your options
first. I like A more, but if there is any plan to add such references on
the Pulp side (I am not sure if this breaks REST design - I don't think
so), then B would be nice too.
LZ
--
Later,
Lukas Zapletal | E32E400A
RHN Satellite Engineering
Red Hat Czech s.r.o. Brno
More information about the katello-devel
mailing list