You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@rocketmq.apache.org by GitBox <gi...@apache.org> on 2021/04/19 07:05:38 UTC

[GitHub] [rocketmq-externals] JingSpring opened a new issue #707: The problem of rocketmq-console permission

JingSpring opened a new issue #707:
URL: https://github.com/apache/rocketmq-externals/issues/707


   What's the difference between the administrator role and the ordinary user role of rocketmq console? When testing, I found that the permissions were the same.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [rocketmq-externals] vongosling commented on issue #707: The problem of rocketmq-console permission

Posted by GitBox <gi...@apache.org>.

vongosling commented on issue #707:
URL: https://github.com/apache/rocketmq-externals/issues/707#issuecomment-893922120


   @StyleTang Thoughts?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@rocketmq.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [rocketmq-externals] zhangjidi2016 commented on issue #707: The problem of rocketmq-console permission

Posted by GitBox <gi...@apache.org>.

zhangjidi2016 commented on issue #707:
URL: https://github.com/apache/rocketmq-externals/issues/707#issuecomment-893574845


   Currently, there are two types of users on the console, admin and common users. The admin user has the permission to access all interfaces, and the common user has the permission to view resources but cannot operate related resources. To do this, I'm going to implement a simple permission verification feature.
   
   1. When the login user calls all interfaces, the permission of each interface is verified by AOP, by checking whether the role to which the user belongs has the access permission of the interface. All interface urls that a common user role has access permissions are saved in a file. The file is hot updated to facilitate adding or deleting permissions.
   
   2. In the interface, in order to distinguish admin from ordinary users more easily, the buttons for creating, updating and deleting operations are not displayed for ordinary users.
   
   Please help to evaluate whether this scheme is feasible? @francisoliverlee @vongosling 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@rocketmq.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [rocketmq-externals] vongosling closed issue #707: The problem of rocketmq-console permission

Posted by GitBox <gi...@apache.org>.

vongosling closed issue #707:
URL: https://github.com/apache/rocketmq-externals/issues/707


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@rocketmq.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [rocketmq-externals] StyleTang commented on issue #707: The problem of rocketmq-console permission

Posted by GitBox <gi...@apache.org>.

StyleTang commented on issue #707:
URL: https://github.com/apache/rocketmq-externals/issues/707#issuecomment-894274606


   LGTM
   It would be great if console have the features which have been mentioned. 
   
   1. Use AOP to do the resource permission control is a good way, and hot update is very convenient for admin to use (maybe we can also provide a page for admin to maintain the roles and users)
   2. Using permissions to control the display can provide a good user experience.
   
   We may introduce the RBAC permission control, at the beginning we can have admin and common user. Later, we can have more detailed control, such as which users can manage which topics, different user can have different permissions.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@rocketmq.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [rocketmq-externals] vongosling commented on issue #707: The problem of rocketmq-console permission

Posted by GitBox <gi...@apache.org>.

vongosling commented on issue #707:
URL: https://github.com/apache/rocketmq-externals/issues/707#issuecomment-894901402


   Cool, we could push forward in this direction.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@rocketmq.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org