This is the mail archive of the gnats-devel@sources.redhat.com mailing list for the GNATS project.
Re: access control
>>>>> "HS" == Hans-Albert Schneider <Hans-Albert.Schneider@mchp.siemens.de> writes:
HS> I cannot speak for Peter, of course. However, we are currently
HS> using GNATS internally. Opening it to our customers would
HS> require some method to restrict access such that customers are
HS> unable to see the reports submitted by other customers, because
HS> the reports sometimes include real-life data of the customer.
HS> Of course, each customer should be able to see all their own
HS> reports. (So the granularity of the "confidential" flag is too
HS> coarse.)
I agree this is a real and important problem. I used to have a similar
problem. I solved it by using the gnats2w authentication and authorization
mechanism, but it should actually be handled in gnatsd.
HS> A first idea that comes into my mind is to have a mapping of
HS> usernames - to submitter id(s) the user is allowed to use in
HS> submitting reports, and - to the submitter ids whose reports
HS> this user may see (both in listings and in full). [BTW, this
HS> would interfere with the "merging duplicates" feature discussed
HS> recently on the list.]
HS> The mapping could be done by two optional fields to
HS> gnatsd.access.
Well, maybe.
HS> This feature could be combined with the "confidential" flag:
HS> Reports marked confidential are only visible to the same
HS> submitter id, others are visible to everyone.
This sounds very reasonable.
HS> Of course, the developers must be able to see all reports, as
HS> should those of us who do consulting for the customers.
Yes, that could be done with a wildcard in the configuration.
>>>>> "PN" == Peter Novodvorsky <nidd@altlinux.ru> writes:
PN> Milan Zamazal wrote:
>>>>>>> "PN" == Peter Novodvorsky <nidd@altlinux.ru> writes:
>>>>>>
PN> 1). I don't like that the client can pass without the authentication
PN> phase. If he wants to log in as anonymous, he has to do it. I.e.,
PN> USER anonymous nidd@altlinux.ru
>> Hm, are there any *real* benefits of this except it's annoying
>> during debugging?:-)
PN> Yes, I want to divide everything into several stages. One of them
PN> is the authentication stage (like in ftp/pop3).
Are you talking about your application or about gnatsd protocol
elegance? :-) If the first, creating an anonymous user should be
sufficient, and if the latter, frankly, I don't care much.
PN> Some of them come from the theoretical level, and some of them have
PN> real-life reasons. The company I work for makes a distribution. It
PN> is maintained by my coworkers and some people who volunteer. I
PN> want them to have rights to edit only their bug reports while
PN> office people can edit any bug report.
OK, this should be solved in the foreseeable future.
PN> OK. In this case I was talking about non-existing GNATS5. ;-)
Well, let's say 4.1. :-)
I know there are important features that should be included in GNATS,
but we should really release GNATS 4 sometime and let the most
important new features be solved in the first non-bug-fix release after
it. Thanks to all the contributors, especially Yngve, we got much
closer to the GNATS 4 release now, so let's not delay it again. :-)
Milan Zamazal
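
The visibility rule proposed in this thread (a per-user mapping to submitter ids, combined with the "confidential" flag and a wildcard for developers), modelled as an added example that is not part of the original message or of GNATS. The `user:submit-ids:view-ids` line syntax, the `*` wildcard spelling and every name in the code are assumptions made for illustration, not the real gnatsd.access format.

```python
from dataclasses import dataclass

WILDCARD = "*"  # assumed spelling of "may act for / see every submitter"

@dataclass(frozen=True)
class Grant:
    submit_as: frozenset  # submitter ids the user may file reports under
    view: frozenset       # submitter ids whose confidential reports are visible

@dataclass(frozen=True)
class Report:
    number: int
    submitter_id: str
    confidential: bool

def _ids(field):
    return frozenset(i.strip() for i in field.split(",") if i.strip())

def parse_mapping(text):
    """Parse hypothetical 'user:submit-ids:view-ids' lines; '#' starts a comment."""
    grants = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split(":")
        if len(parts) != 3 or not parts[0].strip():
            raise ValueError(f"line {lineno}: expected user:submit-ids:view-ids")
        grants[parts[0].strip()] = Grant(_ids(parts[1]), _ids(parts[2]))
    return grants

def may_submit(grants, user, submitter_id):
    g = grants.get(user)
    return g is not None and (WILDCARD in g.submit_as or submitter_id in g.submit_as)

def may_view(grants, user, report):
    """Open reports are visible to everyone; confidential ones need a grant."""
    if not report.confidential:
        return True
    g = grants.get(user)  # unknown user: fail closed
    return g is not None and (WILDCARD in g.view or report.submitter_id in g.view)

def listing(grants, user, reports):
    # Listings reuse may_view so a summary never leaks what the full view hides.
    return [r.number for r in reports if may_view(grants, user, r)]

# Constructed sample data, not taken from any real GNATS installation.
SAMPLE_MAPPING = "alice:acme:acme\nbob:globex:globex\ndev:*:*  # developer\n"
SAMPLE_REPORTS = [Report(1, "acme", True), Report(2, "globex", True),
                  Report(3, "globex", False)]
```

With the sample data, `listing(parse_mapping(SAMPLE_MAPPING), "alice", SAMPLE_REPORTS)` returns only alice's own confidential report plus the open one, while a user missing from the mapping sees the open report alone.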