[katello-devel] Permissions for distributions

Lukas Zapletal lzap at redhat.com
Tue Jan 3 16:38:06 UTC 2012 

As there are no objection, I am choosing option A.

Prepared UI controller code for the change, but I am leaving the
refactoring on the frontend team as there is javascript and navigation
code involved I am not expert in. Opened a ticket for that:

https://bugzilla.redhat.com/show_bug.cgi?id=771411

On the API side I refactored it already, so path

/distributions/:id

is now

/repositories/:repository_id/distributions/:id

Please note for katello distribution info CLI command there is a new
(required) parameter repo_id now.

LZ

On Tue, Jan 03, 2012 at 12:34:20PM +0100, Lukas Zapletal wrote:
> Hello,
> 
> during API permissions review I have found out distribution permissions
> are not implemented in UI, so I started working on it.
> 
> Our JS code requests information about distributions using the following
> route:
> 
> /distributions/:id
> 
> The permission rule should be "distribution info is readable if product
> this distribution/repository belongs to is also readable".
> 
> Now, there is one snag. Since Katello does not have any distribution
> model class and Pulp is not able to provide what repository this
> distribution belongs to, we would need to change the route to:
> 
> /repositories/:repository_id/distributions/:id
> 
> So the controller code would be able to fetch repository/product and
> check permissions. Lemme call this one as option A.
> 
> Another option (B) would be to ask Pulp guys to add repository id to the
> distribution JSON output, so Katello would be able to retrieve it's
> "parent" model class and check permissions on it.
> 
> As I expect more such scenarios, I would like to read your options
> first. I like A more, but if there is any plan to add such references on
> the Pulp side (I am not sure if this breaks REST design - I don't think
> so), then B would be nice too.
> 
> LZ
> 
> -- 
> Later,
> 
>  Lukas Zapletal | E32E400A
>  RHN Satellite Engineering
>  Red Hat Czech s.r.o. Brno
> 
> _______________________________________________
> katello-devel mailing list
> katello-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/katello-devel

-- 
Later,

 Lukas Zapletal | E32E400A
 RHN Satellite Engineering
 Red Hat Czech s.r.o. Brno

More information about the katello-devel mailing list