[asterisk-dev] Asterisk 12 API improvements
Joshua Colp
jcolp at digium.com
Sat Dec 1 07:24:17 CST 2012
Olle E. Johansson wrote:
> "Authorization: No immediate need for multiple levels or granular permissions inside the api."
>
> I disagree. Some of my patches have been focused on being able to host multiple companies in one PBX.
> We do need authorization so we can implement "realms" within Asterisk - which channels are one
> particular user (or group) allowed to follow, manipulate and originate?

I think a complete authorization system with permissions would be great
but starting out should not be a blocker. The design of the overall API
should also not forbid such a thing.

Why do I say this?

From my personal experience and seeing what others have done the view
of a permissions system vastly differs and can really end up being
application specific. Expressing this in a generic fashion is really
hard. Take AMI classes - is everyone *really* happy with them? I'm not.
If you are clever there are ways around them. That's not to say they
don't get some jobs done.

Gathering what people want from such a permissions system and tackling
that in parallel would be awesome. This may actually end up really
illustrating the different views of permissions and how one size can not
fit all unless the deployer just submits and accepts it, but that's a
wild guess. So don't just say you want one, say what you need from it.
This is a chance to get it right - so don't just leave it up to guessing.

Cheers,
--
Joshua Colp
Digium, Inc. | Senior Software Developer
445 Jan Davis Drive NW - Huntsville, AL 35806 - USA
Check us out at: www.digium.com & www.asterisk.org