March 26, 2012

ACLs

Over the past few weeks I have successfully dealt with the following:

  1. Added a security constraint: a user is not allowed to access the API without being authenticated.
  2. Full CRUD functions for the desktop web application: added the Update (PUT) feature (a user can edit their entry).
  3. Multitenancy: creating namespaces for each user.
  4. Changed the schema of the database and changed the API accordingly.
  5. Bug fix: get the date as a long and convert it to Date (public Gson issue).
  6. Offer the API requester the data from their own namespace.
  7. Rearranged the entire project.

Now let's stop at one point from the list and discuss its pros and cons:

Multitenancy: Creating namespaces for each user.

As I said in my previous post, a good advantage of multitenancy is that it simplifies administration, and data becomes easier to manipulate because all namespaces share the same database schema.

But creating a namespace for each user will limit the boundaries, so we were thinking of splitting the system into layers. For example, two people could share a single list, so one person could add items to the list and the other person would see them populate on their phone.

To achieve this we have to implement access control lists and offer the client the possibility of creating a shared namespace (where they will add people to the group). For that I have to create groups and, for each member of the group, add some permissions (read, write, execute).

In the following lines I will describe the requirements that I want to achieve:

  1. A user can create a desired namespace.
  2. They can share it with others.
  3. The accepted users can read, write, execute on the namespace.
  4. The owner of the namespace can delete the namespace.

Nice-to-have requirements:

  1. The owner can see the members of their namespaces.
  2. The owner of the namespace can set permissions for each member.

Now I am thinking about what I should use: a specialized framework, or creating my own. I have already searched the internet and found some, but they look too hard to follow. I will see.
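
As an added illustration (not code from this project), here is a minimal in-memory model of the requirements above in Java: owner-only sharing and deletion, per-member permissions, and deny-by-default checks. The class, enum and method names are hypothetical, and it assumes the caller's identity was already authenticated by the API layer.

```java
import java.util.*;

// Hypothetical model of one shared namespace; all names here are assumptions.
public class NamespaceAcl {
    enum Permission { READ, WRITE, EXECUTE }

    private final String owner;
    private final Map<String, Set<Permission>> members = new HashMap<>();

    NamespaceAcl(String owner) { this.owner = Objects.requireNonNull(owner); }

    private void requireOwner(String actor) {
        if (!owner.equals(actor)) throw new SecurityException(actor + " is not the owner");
    }

    // Requirement 2 and nice-to-have 2: only the owner shares or changes permissions.
    void grant(String actor, String user, Set<Permission> perms) {
        requireOwner(actor);
        if (perms.isEmpty()) members.remove(user);   // an empty set revokes access
        else members.put(user, EnumSet.copyOf(perms));
    }

    // Requirement 3, deny by default: unknown users and ungranted permissions fail.
    boolean isAllowed(String user, Permission p) {
        if (owner.equals(user)) return true;
        Set<Permission> granted = members.get(user);
        return granted != null && granted.contains(p);
    }

    // Requirement 4: deletion is tied to ownership, never to a granted permission.
    boolean canDelete(String actor) { return owner.equals(actor); }

    // Nice-to-have 1: the member list is visible to the owner only.
    Set<String> listMembers(String actor) {
        requireOwner(actor);
        return new TreeSet<>(members.keySet());
    }

    public static void main(String[] args) {
        NamespaceAcl list = new NamespaceAcl("alice");           // constructed users
        list.grant("alice", "bob", EnumSet.of(Permission.READ, Permission.WRITE));
        System.out.println(list.isAllowed("bob", Permission.WRITE));     // member
        System.out.println(list.isAllowed("bob", Permission.EXECUTE));   // not granted
        System.out.println(list.isAllowed("carol", Permission.READ));    // stranger
        System.out.println(list.canDelete("bob"));
        try { list.grant("bob", "carol", EnumSet.of(Permission.READ)); }
        catch (SecurityException e) { System.out.println("denied: " + e.getMessage()); }
        System.out.println(list.listMembers("alice"));
    }
}
```

Every mutating or listing call takes the acting user explicitly, so the owner check cannot be skipped by a caller that forgets to perform it separately.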
