about feature-authorizer-matrix-func #4
Description
I have read https://github.com/EmbeddedEnterprises/autobahnkreuz/blob/master/auth/feature.md.
From I understood, feature-authorizer-matrix-func is an wamp endpoint. From this endpoint, router can receiver a authorize json-string or other format string.
I think this feature is better than crossbar. crossbar put authorizer matrix into config.json. It results in the problem that client authorizer program modified the config.json. It's a risk and inconvenient in production, because config.json has many other important arguments.
Another thing, authorize model in feature.md is simpler than crossbar. The following examples is used in my current project.
{
"name": "operator",
"permissions": [
{
"uri": "",
"match": "prefix",
"allow": {
"call": true,
"register": true,
"publish": true,
"subscribe": true
},
"disclose": {
"caller": true,
"publisher": false
},
"cache": true
},
{
"uri": "db.delete.user",
"match": "prefix",
"allow": {
"call": false,
"register": false,
"publish": false,
"subscribe": true
},
"disclose": {
"caller": false,
"publisher": false
},
"cache": true
},
{
"uri": "db.delete.role",
"match": "prefix",
"allow": {
"call": false,
"register": false,
"publish": false,
"subscribe": true
},
"disclose": {
"caller": false,
"publisher": false
},
"cache": true
},{
"uri": "db.update.user",
"match": "prefix",
"allow": {
"call": true,
"register": false,
"publish": false,
"subscribe": true
},
"disclose": {
"caller": false,
"publisher": false
},
"cache": true
},
{
"uri": "db.update.user.login",
"match": "prefix",
"allow": {
"call": true,
"register": false,
"publish": false,
"subscribe": true
},
"disclose": {
"caller": false,
"publisher": false
},
"cache": true
}
......
Of course, the current missing features is not core features in authorial.
Metadata
Metadata
Assignees
Labels
No labels