ESciDoc Role List

From MPDLMediaWiki
Jump to: navigation, search

This page has been created for discussion of the requirements of Issue 320

Retrieval of a (Filtered) List of Roles

Requirements

Content of List of Roles

We should discuss what information about the roles shall be shown in the list of roles.

  • A reference to the role (objid or xlink:href, depending on the interface), only?
  • A reference to the role including name and description (as it is mentioned in the Issue 320)?
  • All properties of the role including the list of Xacml policies?

Filter Criteria

An eSciDocEnhanced Scientific Documentation role is not directly related to an eSciDocEnhanced Scientific Documentation resource like item, context, container, or organizational unit. Therefore, it is not clear what criterias can be used for filtering. Possible criterias could be:

  • The object ids of the roles
  • The id of a user account (or ids of user accounts?) that owns at least one valid grant for a role (only in combination with list of role ids)
  • Role has never been granted to a user
This raises a very important issue i.e. we need to clarify what / how are roles defined for?

A role can be defined for a core service, or for application i.e. solution service (note: service and not solution only). Please follow the discussion on the actual setup/definition for Authentication and authorization models in eSciDoc--Natasa 16:24, 23 October 2007 (CESTCentral European Summer Time)

Sorting Criteria

It has to be clarified if sorting of the list is needed and by which values the list shall be sorted, e.g. by

  • Name
  • Id

Prototype Implementation

There still exists a prototype-like implementation within the base services, but this is currently not available as a RESTRepresentational State Transfer/SOAPSimple Object Access Protocol service. This implementation creates a non-filtered list of all roles containing the xlink to the role (in case of RESTRepresentational State Transfer) or the objid of the role (in case of SOAPSimple Object Access Protocol), the name, and the description per role. This prototype implementation could be made available as a service of the RESTRepresentational State Transfer and SOAPSimple Object Access Protocol interface, immediately.

Proposal: to make available the prototype implementation for a non-filtered list after closure of R2 PubManPublication Management (Early November). To use it as a basis for definition of other requirements. Does it make sense? --Natasa 11:24, 24 October 2007 (CESTCentral European Summer Time)

Related pages