help-gnats

Re: access control


From: Milan Zamazal
Subject: Re: access control
Date: 17 Jun 2001 15:49:49 +0200
User-agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.0.103

>>>>> "HS" == Hans-Albert Schneider <address@hidden> writes:

    HS> I cannot speak for Peter, of course.  However, we are currently
    HS> using GNATS internally.  Opening it to our customers would
    HS> require some method to restrict access such that customers are
    HS> unable to see the reports submitted by other customers, because
    HS> the reports sometimes include real-life data of the customer.
    HS> Of course, each customer should be able to see all their own
    HS> reports.  (So the granularity of the "confidential" flag is too
    HS> coarse.)

I agree this is a real and important problem.  I used to have a similar
problem.  I solved it by using the gnats2w authentication and authorization
mechanism, but it should actually be handled in gnatsd.

    HS> A first idea that comes into my mind is to have a mapping of
    HS> usernames - to submitter id(s) the user is allowed to use in
    HS> submitting reports, and - to the submitter ids whose reports
    HS> this user may see (both in listings and in full).  [BTW, this
    HS> would interfere with the "merging duplicates" feature discussed
    HS> recently on the list.]

    HS> The mapping could be done by two optional fields to
    HS> gnatsd.access.

Well, maybe.

    HS> This feature could be combined with the "confidential" flag:
    HS> Reports marked confidential are only visible to the same
    HS> submitter id, others are visible to everyone.

This sounds very reasonable.

    HS> Of course, the developers must be able to see all reports, as
    HS> should those of us who do consulting for the customers.

Yes, that could be done with a wildcard in the configuration.

>>>>> "PN" == Peter Novodvorsky <address@hidden> writes:

    PN> Milan Zamazal wrote:

    >>>>>>> "PN" == Peter Novodvorsky <address@hidden> writes:
    >>>>>>
    PN> 1). I don't like that a client can pass without the authentication
    PN> phase.  If he wants to log in as anonymous, he has to do it. I.e.,
    PN> USER anonymous address@hidden
    >> Hm, are there any *real* benefits of this except it's annoying
    >> during debugging?:-)

    PN> Yes, I want to divide everything into several stages. One of them
    PN> is the authentication stage (like in ftp/pop3).

Are you talking about your application or about gnatsd protocol
elegance? :-)  If the former, creating an anonymous user should be
sufficient, and if the latter, frankly, I don't care much.

    PN> Some of them come from a theoretical level, and some of them have
    PN> real-life reasons.  The company I work for makes a distribution. It
    PN> is maintained by my coworkers and some people who volunteer. I
    PN> want them to have rights to edit only their bug reports while
    PN> office people can edit any bug report.

OK, this should be solved in the foreseeable future.

    PN> OK. In this case I was talking about non-existing GNATS5. ;-)

Well, let's say 4.1. :-)

I know there are important features that should be included in GNATS,
but we should really release GNATS 4 sometime and let the most
important new features be solved in the first non-bug-fix release after
it.  Thanks to all the contributors, especially Yngve, we got much
closer to the GNATS 4 release now, so let's not delay it again. :-)

Milan Zamazal

-- 
  _/_\_/_  o     _\_/_\_  o     _/_\_/_  o     _\_/_\_  o    BEWARE!
-<_|_|_|_><--  -<_|_|_|_><--  -<_|_|_|_><--  -<_|_|_|_><--   *Bugs* are
   / \ /   o      \ / \   o      / \ /   o      \ / \   o     approaching!
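
The access rule discussed in this message (a per-user mapping to submitter ids, combined with the "confidential" flag and a wildcard for developers), sketched as an added example; it is not code from the thread or from GNATS. The three-field line layout, the `*` wildcard character and all names are assumptions made for illustration and are not the real gnatsd.access syntax.

```python
from dataclasses import dataclass

WILDCARD = "*"  # assumption: "*" means "all submitter ids"

# Constructed sample in a hypothetical layout "user:submit-ids:view-ids".
# This is NOT the real gnatsd.access file format.
SAMPLE_ACL = """\
# user : may submit as : may view
alice:acme:acme
bob:globex:globex,initech
dev1:*:*
"""

@dataclass(frozen=True)
class Report:
    number: int
    submitter: str
    confidential: bool

def parse_acl(text):
    """Return {user: (submit_ids, view_ids)}; malformed lines are skipped."""
    acl = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(":")
        if len(parts) != 3:
            continue
        user, submit, view = parts
        acl[user] = (frozenset(filter(None, submit.split(","))),
                     frozenset(filter(None, view.split(","))))
    return acl

def _allowed(ids, submitter):
    return WILDCARD in ids or submitter in ids

def can_submit(acl, user, submitter):
    # Unknown users get empty sets, so the check fails closed.
    submit_ids, _ = acl.get(user, (frozenset(), frozenset()))
    return _allowed(submit_ids, submitter)

def can_view(acl, user, report):
    # Non-confidential reports are visible to everyone; confidential ones
    # only to users mapped to the report's submitter id (or the wildcard).
    if not report.confidential:
        return True
    _, view_ids = acl.get(user, (frozenset(), frozenset()))
    return _allowed(view_ids, report.submitter)

def visible_reports(acl, user, reports):
    """Filter a listing so hidden reports do not appear even as numbers."""
    return [r.number for r in reports if can_view(acl, user, r)]
```

The same `can_view` check has to guard both listings and full-report retrieval, since a listing that shows another customer's report number or synopsis already leaks data.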

