You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@openwhisk.apache.org by GitBox <gi...@apache.org> on 2019/01/28 12:12:15 UTC
[GitHub] mhenke1 commented on issue #4058: Add protect feature to avoid
update or delete actions by mistake
mhenke1 commented on issue #4058: Add protect feature to avoid update or delete actions by mistake
URL: https://github.com/apache/incubator-openwhisk/pull/4058#issuecomment-458108322
@ningyougang
Sorry for joining late in this discussion.
In my last year I have implemented the SPIs for plugging in alternative Authentication and Entitlement providers in Openwhisk. My strong suggestion would be to place any additional code checking for entitlement (in this case: the entitlement to delete entities) into the existing entitlement SPI implementation.
Alternative entitlement implementations (like the one I have implemented for IBM cloud functions) might prevent accidental deletion in other ways like configuring user or user group specific polices
in a policy system. They have no need of additional protection.
Of course the default entitlement provider would benefit from a mechanism like the one you proposed. By moving the functionality in the Entitelemnt-SPI the functionality could be added to the default path, but would not interfere with alternative entitlement implementations.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services