I'm just about to get OpenShift up and running but there's one thing I cant really wrap my head around. What's the difference between being "associated" and "bound" to roles in OpenShift?
I know what roles and bindings are and how they work. But it seems to me, that associating rules is pretty much everything I can do. I can "give" a rule to a User. But what does it mean to "bind" someone to a rule?
Thanks in advance.
What I'm referring to: https://access.redhat.com/documentation/en/openshift-enterprise/version-3.0/openshift-enterprise-30-architecture#roles
Binding is the verb we use to describe giving a user a role. The API resource is called a RoleBinding. Other words we use are "grant" or "assign".
Related
I'm trying to make API calls to my web hosting (ovh) in order to create email alias and email accounts.
Some years ago I did that in Cakephp2 using Datasource, but now I'm using cakephp4 and I'm not sure how to proceed...
How can I create a Model without a database Table ?
My advice would be to just not go down that route, IMHO you'll be much better off if you create a simple custom service around the API instead, there's no need to make all datasources look like CakePHP database/ORM "repositories" (I put that in quotes because CakePHP's repositories should not be confused with what repositories are in the context of the repository pattern).
If there was really, really, really a need for it, I'd say first go look into muffin/webservice, which shoulders some of the work required for you. And if you wanted to know how to do it completely on your own, well you'd have to implement \Cake\Datasource\RepositoryInterface accordingly, which comes with lots of baggage and is anything but straightforward.
If you want to see how that could look like, I'd again refer to muffin/webservice, check for example its Endpoint repository and the surrounding classes, that should give you an idea of the "how to" and the complexity involved.
I would like to see if anyone else already had this problem. I'm really struggling to find out an solution for that, so that's why I've decided to call for help.
So, i have this Ownbackup API endpoint:
Ownbackup API
Here's the link for the API documentation: https://cdn2.hubspot.net/hubfs/2571574/api%20document-1.html#tag/Enhanced-Sandbox-Seeding/paths/~1api~1v1~1sbs~1templates~1{template_id}~1seed/post
But for me it wasn't too helpful.
The point in here is that my organization has hundreds of validations rules. And I would like to know if there is any parameter that this API understands in order to disable ALL validation rules, without the need of passing the name of each one of the file names in the request body.
Keep in mind that the format for this request is multipart/form-data.
Thank you all!
So, I've reached out for Owbackup support and they told me that i can actually use "disable_validation_rules" set to true, so this way the All validation rules get disabled and the triggers not, also it does not require me to specify which validations rules should be disabled.
I'm letting this answer in here, in order someone else comes across this problem!
Cheers!
So I know this is crazy from a security standpoint, but let's say I have a posts resource at /posts/ and I'd like an admin to be able to trigger a transformation on the collection (in this case, a simple data migration).
How should I design the URL for something like that? It's basically a remote procedure: "take all the posts, modify them, and save them", which is why it is hard to shoehorn onto REST.
I ended up just doing POST /posts/name-of-transform. It's going to be hacky either way :(
So what you want is to update a collection right?
I think what you're looking for is the http PATCH method. It will acte pretty much like your POST method but instead of creating the ressources it will update them.
You can find more about the PATCH method at this address : https://restful-api-design.readthedocs.org/en/latest/methods.html
I am using rails 3.2.7, mongoid 3, and i am trying to use devise for users accounts.
Before i'll start: i was searching a lot for my problem, and i read many tutorials, byt none fit to my need.
I have similar problem like devise and multiple “user” models
but i am using mongodb so i think the problem is not exacly the same.
I have 3 types of users":
Manger which can have many places and can manage them(edit info).
User which can search for places(even no user can) and create their places lists. Also user can comment and note the places.
Administrator who can edit/delete anythig, so admin is a god.
So, all of them have different data(except of login info) and i don't know what solution is the best.
STI would be good if they would have the same data, and different actions, but data are different too(but i am using mongoid, so maybe it would be fine?)
Single user model with roles is another solution but i don't know how to store different data, maybe with polymorphic? I don't fully understand how it should be implemented with devise and maybe cancan.
Maybe there is third?
I know what is STI, polymorphic associations, also how to implement roles with CanCan, but the problem is that i dont't know how to connect them with devise?
If there would be few sign in forms or one, it doesn't matter. I don't have to use devise either.
I found few tutorials/examples how to use devise, monogid, roles for multi-users applications, but they are when users store the same data, so they don't fit for me.
Can you give me advice, or a maybe a link which could help me?
Thanks for help :)
I would recommend building different controllers for different use cases. Don't build dependencies of different views inside the data. This way you are free to use the data for other use cases or other user groups without changing it directly.
Simply create controllers for the different use cases. This way you can change them any time without changing your data model.
I'm looking for the way to restrict users access by time in my grails application. I mean that users will be able to use (not only login) application only in allowed timeframes defined by days of week and start & end hours.
Could anyone advise the best way of doing this?
I'm thinking about adding some set of tables to my domain model which will contain time access rules. This rules will be applied to roles and users. Users rules will override roles rules.
As I understand, I need to implement some Authorization (not Authentication) Filter, which will do the check of time restrictions.
Am I one the right way? If so, then could anyone provide some usefull links for this task?
Aha, I already answered this on the mailinglist.
What I wrote:
Possible solution (two-fold):
For login:
Custom UserDetails class that throws appropiate exception if outside
timeslot (not sure if it is the most semantically correct place to do
it, but it's easy there).
For people already logged in:
Quartz job that run at the boundaries (like 2pm if thats when a slot
ends) that run through active sessions and invalidate them.
You can keep a list of active sessions in various ways, one (one and a
half really, not sure if you can use Burt's plugin in a programmatic
way) are covered here:
In grails, how do I get a reference to all current sessions?
I see now that the AccessDecisionVoter is a better solution than the custom userdetails, but the answer still remains for the same for the already logged in people.