cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rhtyd <...@git.apache.org>
Subject [GitHub] cloudstack pull request: CLOUDSTACK-8562: Dynamic Role-Based API C...
Date Wed, 27 Apr 2016 17:38:57 GMT
Github user rhtyd commented on the pull request:

    https://github.com/apache/cloudstack/pull/1489#issuecomment-215165382
  
    @mlsorensen 
    - presently, setting bitmask to 0 in commands.properties does not disable the API but
that no roles would have that API; though if an API through its `authroized` annotation enables
itself for a roletype that will be considered
    - this feature implements a DENY rule that is checked before annotations are checked to
provide a mechanism to disable an API (or group of APIs if a wildcard rule is used) that could
have been enabled by the annotation (for example)
    
    @koushik-das 
    - Existing users are not migrated automatically, they continue to use static-checker
    - Commands.properties file is only removed from codebase, after an upgrade this file won't
be removed by the deb/rpm packages
    - New users and installations are no longer encouraged to use the old static-checker,
therefore with the aim of deprecating the static-checker over time dynamic-checker is enabled
by default
    - Any change can introduce side-effects and bugs but that does not mean we should stop
innovating or stop improving cloudstack; such an attitude would be harmful for any project
    - I really appreciate your code review, improvement suggestions and testing feedback instead,
on this PR. Thanks.


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

Mime
View raw message