Project

General

Profile

Updated about 5 years ago by: markus schulte

Skype conversation

Mittwoch, 2. September 2015
[18:24:33] markus schulte: pls hav a look at https://rm3.dom.de/projects/ras001
[18:37:21] Ramiz Raja: Hi Markus
[18:37:42] Ramiz Raja: Can you explain your requirements in detail
[18:37:42] markus schulte: hi ramiz
[18:37:43] Ramiz Raja: ?
[18:38:04] markus schulte: hm. that is the detail ;-)
[18:38:22] markus schulte: what else you need to know?
[18:38:42] markus schulte: it is supposeed to be an api only plugin
[18:39:04] markus schulte: dedicated for user authorization.
[18:39:29] markus schulte: next step would be to write a CASserver plugin using this api
[18:40:43] Ramiz Raja: So, the api will authorise the user and return the status code?
[18:40:57] markus schulte: yes
[18:41:29] Ramiz Raja: https://rm3.dom.de/<plugin_namespace>/%projectID/%permission
[18:41:37] markus schulte: ah ok.
[18:41:50] markus schulte: well think of repositories.
[18:41:55] Ramiz Raja: You also want to authorise against specific permission for project?
[18:41:59] markus schulte: we serve them via grack
[18:42:50] markus schulte: right now grack uses pam auth and pam does a sql query to determine if someone has the right to push on the projects repository.
[18:43:26] Ramiz Raja: right
[18:43:34] markus schulte: in that case the request would look like this:
[18:44:18] markus schulte: rm3.dom.de/redmine_api_auth/projectID/_pusher_
[18:44:52] markus schulte: if i remember properly internaly redmine uses these underscore-literals for permissions.
[18:45:10] markus schulte: and we introduced that pusher permission somewhere.
[18:45:30] markus schulte: but you'll know more about that than i do.
[18:45:43] markus schulte: another example could be owncloud
[18:46:14] markus schulte: right know that is integrated via a strange owncloud plugin that does is not updated any longer.
[18:46:33] markus schulte: we could then setup a project "owncloud" in redmine
[18:47:08] markus schulte: and give any memeber the issue permission.
[18:47:46] markus schulte: the call would be rm3.dom.de/api_auth/owncloud_projectID/_issue_
[18:47:59] markus schulte: ok?
[18:48:33] Ramiz Raja: Right
[18:49:13] Ramiz Raja: You would make an api call via curl with <ProjectID> and <Permission> variables
[18:49:14] Ramiz Raja: right?
[18:49:19] markus schulte: yes
[18:49:24] Ramiz Raja: for particular user
[18:49:32] markus schulte: yes
[18:49:41] Ramiz Raja: via api key or username:password
[18:50:01] markus schulte: but we hand over the user 'implicitly'. it is the one who authenticates
[18:50:09] markus schulte: both should work
[18:50:25] markus schulte: but i think both will work out of the box
[18:50:36] markus schulte: this is how redmine api worx
[18:51:16] Ramiz Raja: Yes, we can create it so that both username:password and api key would work.
[18:51:23] markus schulte: :-)
[18:52:01] Ramiz Raja: I'll look further into work to be done for this plugin and make a quote tomorrow.
[18:52:03] Ramiz Raja: ok?
[18:52:05] markus schulte: i only wonder why such thing does not exist yet.
[18:52:10] markus schulte: yes.
[18:52:23] markus schulte: looking forward to hear from you.
[18:53:08] Ramiz Raja: You can create issues and some other things via api call but for just authentication there is no api available in redmine.
[18:53:45] markus schulte: http://www.redmine.org/projects/redmine/wiki/Rest_api
[18:53:59] markus schulte: digged through that of course
[18:54:35] Ramiz Raja: ya

Add picture from clipboard (Maximum size: 1.05 GB)