[asterisk-dev] Asterisk 12 API improvements
Olle E. Johansson
oej at edvina.net
Mon Dec 3 02:55:06 CST 2012
1 dec 2012 kl. 14:24 skrev Joshua Colp <jcolp at digium.com>:
> Olle E. Johansson wrote:
>> "Authorization: No immediate need for multiple levels or granular permissions inside the api."
>>
>> I disagree. Some of my patches have been focused on being able to host multiple companies in one PBX.
>> We do need authorization so we can implement "realms" within Asterisk - which channels are one
>> particular user (or group) allowed to follow, manipulate and originate?
>
> I think a complete authorization system with permissions would be great but starting out should not be a blocker. The design of the overall API should also not forbid such a thing.
>
> Why do I say this?
>
> From my personal experience and seeing what others have done the view of a permissions system vastly differs and can really end up being application specific. Expressing this in a generic fashion is really hard. Take AMI classes - is everyone *really* happy with them? I'm not. If you are clever there are ways around them. That's not to say they don't get some jobs done.
>
> Gathering what people want from such a permissions system and tackling that in parallel would be awesome. This may actually end up really illustrating the different views of permissions and how one size can not fit all unless the deployer just submits and accepts it, but that's a wild guess. So don't just say you want one, say what you need from it. This is a chance to get it right - so don't just leave it up to guessing.
I stated clearly the goal - to be able to host multiple companies in one PBX. What part of that was unclear, Josh?
Of course there are many other goals around, but this has been my focus for quite a while, with multiparking, context for originate and redirect any many other patches.
/O
More information about the asterisk-dev
mailing list