[Yanel-dev] Loading of users and groups as XML

Michael Wechner michael.wechner at wyona.com
Sat Feb 13 08:26:14 CET 2010 

Guillaume Déflache wrote:
> Hi!
>
> Michael Wechner schrieb:
>> Hi
>>
>> The PolicyManager resource
>>
>> src/contributions/resources/policymanager/src/java/org/wyona/yanel/impl/resources/policymanager/PolicyManagerResource.java 
>>
>>
>> is loading users and groups via the following query string
>>
>> /foo/bar?yanel.policy=update&get=identities
>>
>> which then is handled by the YanelServlet#doAccessPolicyRequest()
>>
>> first, but then forwarded again to the PolicyManager resource
>>
>> if (getXML != null && getXML.equals("identities")) {
>> sb.append(getIdentitiesAndRightsAsXML(getRealm().getIdentityManager(), 
>> getRealm().getPolicyManager(), get
>> RequestedLanguage()));
>>
>> Now I would like to re-use this for editing users and groups, but it 
>> seems to me that the main purpose of the policy manager
>> resource is to manage policies and not users and groups and hence I 
>> think we should re-factor this by introducing a IdentityManagerResource.
>>
>> WDYT?
>
> I fully agree!
>
> I think we should put that under e.g. <yanel-prefix>/admin/groups and 
> <yanel-prefix>/admin/users

I thought a bit more about this and I think we should do either


(1) A "mapping" like

(1.1) <yanel-prefix>/api/usermanager?yanel.usecase=getusers

        to

       org.wyona.security.core.api.UserManager#getUsers()

(1.2) <yanel-prefix>/api/usermanager?yanel.usecase=getuser&id=joe

        to
 
       org.wyona.security.core.api.UserManager#getUser(String id)

OR

(2) We introduce a SOAP interface for this

       (as a second phase)

>
>
> Also why not using /foo/bar/yanel.usecase=read-policy (resp. 
> update-policy) instead of /foo/bar?yanel.policy=read (resp. update)?

I will try to add this to

src/webapp/src/java/org/wyona/yanel/servlet/YanelServlet.java

and set the existing one to deprecated
> It goes in the way of allowing to fully split policy reading code from 
> the PolicyManager, which would be also helpful IMHO, because you may 
> want to reimplement both parts separately.

Can you explain this in more detail, because I am not sure I understand 
what you mean.

Thanks

Michi
>
> Cheers,
>    Guillaume

More information about the Yanel-development mailing list