question about authentication

question about authentication

[Bian, Naimeng]

Hi all

Does toaster support permission management in Build Mode? 

The permission management what I want to talk about is not http://toaster-server:8000/admin.
My question is that is there any login page for authentication.

If not, does it mean everyone who can access Toaster server can do everything including create/edit Project.
and do we have any plan to do it.

If so, would you telling me how to use it.

Thanks
 Bian

Re: question about authentication

[Barros Pena, Belen]

On 01/09/2015 00:58, "toaster-bounces@yoctoproject.org on behalf of Bian,
Naimeng" <toaster-bounces@yoctoproject.org on behalf of
biannm@cn.fujitsu.com> wrote:

>Hi all
>
>Does toaster support permission management in Build Mode?

No, I'm afraid it doesn't.

> 
>
>The permission management what I want to talk about is not
>http://toaster-server:8000/admin.
>My question is that is there any login page for authentication.
>
>If not, does it mean everyone who can access Toaster server can do
>everything including create/edit Project.

Right now, yes: whomever can access the Toaster instance can create and
modify projects, run builds and download artifacts.

>and do we have any plan to do it.

Yes, this is something we have been wanting to do for a while, but haven't
been able to for lack of development resources. We even have some designs
for a project-based basic permissions system providing 3 user types
(administrators, project creators and basic users). We also have a
Bugzilla entry to cover the work:

https://bugzilla.yoctoproject.org/show_bug.cgi?id=6233

If you would be interested in working on this, let me know. I would be
happy to share and discuss the proposed design.

Cheers

Belén

>
>If so, would you telling me how to use it.
>
>Thanks
> Bian
>-- 
>_______________________________________________
>toaster mailing list
>toaster@yoctoproject.org
>https://lists.yoctoproject.org/listinfo/toaster

Re: question about authentication

[Brian Avery]

In the sort term (though I haven't tested this), I think you can
restrict access via apache if you run toaster using wsgi. The built in
Django server isn't made for production use, so if you are concerned
with security this is probably a better configuration anyway.
Here's a googled link about this in case it helps:
https://community.webfaction.com/questions/256/apache-basic-authentication-for-mod_wsgi-inc-django-applications

If this does work (or works with some changes) it would be great if
you let us know!

-brian

On Tue, Sep 1, 2015 at 1:51 AM, Barros Pena, Belen
<belen.barros.pena@intel.com> wrote:
>
>
> On 01/09/2015 00:58, "toaster-bounces@yoctoproject.org on behalf of Bian,
> Naimeng" <toaster-bounces@yoctoproject.org on behalf of
> biannm@cn.fujitsu.com> wrote:
>
>>Hi all
>>
>>Does toaster support permission management in Build Mode?
>
> No, I'm afraid it doesn't.
>
>>
>>
>>The permission management what I want to talk about is not
>>http://toaster-server:8000/admin.
>>My question is that is there any login page for authentication.
>>
>>If not, does it mean everyone who can access Toaster server can do
>>everything including create/edit Project.
>
> Right now, yes: whomever can access the Toaster instance can create and
> modify projects, run builds and download artifacts.
>
>>and do we have any plan to do it.
>
> Yes, this is something we have been wanting to do for a while, but haven't
> been able to for lack of development resources. We even have some designs
> for a project-based basic permissions system providing 3 user types
> (administrators, project creators and basic users). We also have a
> Bugzilla entry to cover the work:
>
> https://bugzilla.yoctoproject.org/show_bug.cgi?id=6233
>
> If you would be interested in working on this, let me know. I would be
> happy to share and discuss the proposed design.
>
> Cheers
>
> Belén
>
>>
>>If so, would you telling me how to use it.
>>
>>Thanks
>> Bian
>>--
>>_______________________________________________
>>toaster mailing list
>>toaster@yoctoproject.org
>>https://lists.yoctoproject.org/listinfo/toaster
>
> --
> _______________________________________________
> toaster mailing list
> toaster@yoctoproject.org
> https://lists.yoctoproject.org/listinfo/toaster

Re: question about authentication

[Bian, Naimeng]

> -----Original Message-----
> From: Barros Pena, Belen [mailto:belen.barros.pena@intel.com]
> Sent: Tuesday, September 01, 2015 4:52 PM
> Subject: Re: [Toaster] question about authentication
> > 
> On 01/09/2015 00:58, "toaster-bounces@yoctoproject.org on behalf of Bian,
> Naimeng" <toaster-bounces@yoctoproject.org on behalf of
> biannm@cn.fujitsu.com> wrote:
> 
> >Hi all
> >
> >Does toaster support permission management in Build Mode?
> 
> No, I'm afraid it doesn't.
> 
> >
> >
> >The permission management what I want to talk about is not
> >http://toaster-server:8000/admin.
> >My question is that is there any login page for authentication.
> >
> >If not, does it mean everyone who can access Toaster server can do
> >everything including create/edit Project.
> 
> Right now, yes: whomever can access the Toaster instance can create and
> modify projects, run builds and download artifacts.
> 
> >and do we have any plan to do it.
> 
> Yes, this is something we have been wanting to do for a while, but haven't
> been able to for lack of development resources. We even have some designs
> for a project-based basic permissions system providing 3 user types
> (administrators, project creators and basic users). We also have a
> Bugzilla entry to cover the work:
> 
> https://bugzilla.yoctoproject.org/show_bug.cgi?id=6233
> 
> If you would be interested in working on this, let me know. I would be
> happy to share and discuss the proposed design.
> 

Thanks for your answer.
It's my pleasure to develop this feature, but I have some other works at the next few weeks,
If it doesn’t matter, I will do it from November.
Although I don't have any experience, because it's my first time to develop a Django project,
I will do my best to complete it with other guys. ^_^

Thanks
 Bian

> Cheers
> 
> Belén
> 
> >
> >If so, would you telling me how to use it.
> >
> >Thanks
> > Bian
> >--
> >_______________________________________________
> >toaster mailing list
> >toaster@yoctoproject.org
> >https://lists.yoctoproject.org/listinfo/toaster

Re: question about authentication

[Bian, Naimeng]

> -----Original Message-----
> From: Brian Avery [mailto:avery.brian@gmail.com]
> Sent: Tuesday, September 01, 2015 11:48 PM
> To: Barros Pena, Belen
> Cc: Bian, Naimeng/卞 乃猛; toaster@yoctoproject.org
> Subject: Re: [Toaster] question about authentication
> 
> In the sort term (though I haven't tested this), I think you can restrict access
> via apache if you run toaster using wsgi. The built in Django server isn't made
> for production use, so if you are concerned with security this is probably a
> better configuration anyway.
> Here's a googled link about this in case it helps:
> https://community.webfaction.com/questions/256/apache-basic-authentication
> -for-mod_wsgi-inc-django-applications
> 
> If this does work (or works with some changes) it would be great if you let
> us know!
> 

Sorry for my late.
I have confirmed that the apache-basic-authentication can work without any changes from
https://community.webfaction.com/questions/256/apache-basic-authentication-for-mod_wsgi-inc-django-applications

Thanks
 Bian

> -brian
> 
> On Tue, Sep 1, 2015 at 1:51 AM, Barros Pena, Belen <belen.barros.pena@intel.com>
> wrote:
> >
> >
> > On 01/09/2015 00:58, "toaster-bounces@yoctoproject.org on behalf of
> > Bian, Naimeng" <toaster-bounces@yoctoproject.org on behalf of
> > biannm@cn.fujitsu.com> wrote:
> >
> >>Hi all
> >>
> >>Does toaster support permission management in Build Mode?
> >
> > No, I'm afraid it doesn't.
> >
> >>
> >>
> >>The permission management what I want to talk about is not
> >>http://toaster-server:8000/admin.
> >>My question is that is there any login page for authentication.
> >>
> >>If not, does it mean everyone who can access Toaster server can do
> >>everything including create/edit Project.
> >
> > Right now, yes: whomever can access the Toaster instance can create
> > and modify projects, run builds and download artifacts.
> >
> >>and do we have any plan to do it.
> >
> > Yes, this is something we have been wanting to do for a while, but
> > haven't been able to for lack of development resources. We even have
> > some designs for a project-based basic permissions system providing 3
> > user types (administrators, project creators and basic users). We also
> > have a Bugzilla entry to cover the work:
> >
> > https://bugzilla.yoctoproject.org/show_bug.cgi?id=6233
> >
> > If you would be interested in working on this, let me know. I would be
> > happy to share and discuss the proposed design.
> >
> > Cheers
> >
> > Belén
> >
> >>
> >>If so, would you telling me how to use it.
> >>
> >>Thanks
> >> Bian
> >>--
> >>_______________________________________________
> >>toaster mailing list
> >>toaster@yoctoproject.org
> >>https://lists.yoctoproject.org/listinfo/toaster
> >
> > --
> > _______________________________________________
> > toaster mailing list
> > toaster@yoctoproject.org
> > https://lists.yoctoproject.org/listinfo/toaster

Re: question about authentication

[Barros Pena, Belen]

On 24/09/2015 01:35, "Bian, Naimeng" <biannm@cn.fujitsu.com> wrote:

>> -----Original Message-----
>> From: Barros Pena, Belen [mailto:belen.barros.pena@intel.com]
>> Sent: Tuesday, September 01, 2015 4:52 PM
>> Subject: Re: [Toaster] question about authentication
>> > 
>> On 01/09/2015 00:58, "toaster-bounces@yoctoproject.org on behalf of
>>Bian,
>> Naimeng" <toaster-bounces@yoctoproject.org on behalf of
>> biannm@cn.fujitsu.com> wrote:
>> 
>> >Hi all
>> >
>> >Does toaster support permission management in Build Mode?
>> 
>> No, I'm afraid it doesn't.
>> 
>> >
>> >
>> >The permission management what I want to talk about is not
>> >http://toaster-server:8000/admin.
>> >My question is that is there any login page for authentication.
>> >
>> >If not, does it mean everyone who can access Toaster server can do
>> >everything including create/edit Project.
>> 
>> Right now, yes: whomever can access the Toaster instance can create and
>> modify projects, run builds and download artifacts.
>> 
>> >and do we have any plan to do it.
>> 
>> Yes, this is something we have been wanting to do for a while, but
>>haven't
>> been able to for lack of development resources. We even have some
>>designs
>> for a project-based basic permissions system providing 3 user types
>> (administrators, project creators and basic users). We also have a
>> Bugzilla entry to cover the work:
>> 
>> https://bugzilla.yoctoproject.org/show_bug.cgi?id=6233
>> 
>> If you would be interested in working on this, let me know. I would be
>> happy to share and discuss the proposed design.
>> 
>
>Thanks for your answer.
>It's my pleasure to develop this feature, but I have some other works at
>the next few weeks,
>If it doesn¹t matter, I will do it from November.
>Although I don't have any experience, because it's my first time to
>develop a Django project,
>I will do my best to complete it with other guys. ^_^

Hi Bian,

This is great news. Thank you for offering to develop this feature :)

November works very well for us. It will give us some time to finish the
design and discuss it with you. Also, it is the beginning of the next
Yocto Project release cycle (2.0 will be released at the end of October,
so your work will be part of the 2.1 release).

You might know about our weekly contributors call already: it happens
every Wednesday at 4pm GMT. I am not sure how well that works for your
time zone, but joining the call once in a while would give you the chance
to get to know the other contributors. Hopefully you can make it.

Cheers

Belén

>
>Thanks
> Bian
>
>> Cheers
>> 
>> Belén
>> 
>> >
>> >If so, would you telling me how to use it.
>> >
>> >Thanks
>> > Bian
>> >--
>> >_______________________________________________
>> >toaster mailing list
>> >toaster@yoctoproject.org
>> >https://lists.yoctoproject.org/listinfo/toaster
>

Re: question about authentication

[Bian, Naimeng]

> -----Original Message-----
> From: Barros Pena, Belen [mailto:belen.barros.pena@intel.com]
> Sent: Friday, September 25, 2015 2:43 PM
> To: Bian, Naimeng; toaster@yoctoproject.org
> Subject: Re: [Toaster] question about authentication
> 
> On 24/09/2015 01:35, "Bian, Naimeng" <biannm@cn.fujitsu.com> wrote:
> 
> >> -----Original Message-----
> >> From: Barros Pena, Belen [mailto:belen.barros.pena@intel.com]
> >> Sent: Tuesday, September 01, 2015 4:52 PM
> >> Subject: Re: [Toaster] question about authentication
> >> >
> >> On 01/09/2015 00:58, "toaster-bounces@yoctoproject.org on behalf of
> >>Bian,  Naimeng" <toaster-bounces@yoctoproject.org on behalf of
> >>biannm@cn.fujitsu.com> wrote:
> >>
> >> >Hi all
> >> >
> >> >Does toaster support permission management in Build Mode?
> >>
> >> No, I'm afraid it doesn't.
> >>
> >> >
> >> >
> >> >The permission management what I want to talk about is not
> >> >http://toaster-server:8000/admin.
> >> >My question is that is there any login page for authentication.
> >> >
> >> >If not, does it mean everyone who can access Toaster server can do
> >> >everything including create/edit Project.
> >>
> >> Right now, yes: whomever can access the Toaster instance can create
> >> and modify projects, run builds and download artifacts.
> >>
> >> >and do we have any plan to do it.
> >>
> >> Yes, this is something we have been wanting to do for a while, but
> >>haven't  been able to for lack of development resources. We even have
> >>some designs  for a project-based basic permissions system providing 3
> >>user types  (administrators, project creators and basic users). We
> >>also have a  Bugzilla entry to cover the work:
> >>
> >> https://bugzilla.yoctoproject.org/show_bug.cgi?id=6233
> >>
> >> If you would be interested in working on this, let me know. I would
> >> be happy to share and discuss the proposed design.
> >>
> >
> >Thanks for your answer.
> >It's my pleasure to develop this feature, but I have some other works
> >at the next few weeks, If it doesn¹t matter, I will do it from
> >November.
> >Although I don't have any experience, because it's my first time to
> >develop a Django project, I will do my best to complete it with other
> >guys. ^_^
> 
> Hi Bian,
> 
> This is great news. Thank you for offering to develop this feature :)
> 
> November works very well for us. It will give us some time to finish the design
> and discuss it with you. Also, it is the beginning of the next Yocto Project
> release cycle (2.0 will be released at the end of October, so your work will
> be part of the 2.1 release).
> 

I got it.

> You might know about our weekly contributors call already: it happens every
> Wednesday at 4pm GMT. I am not sure how well that works for your time zone,
> but joining the call once in a while would give you the chance to get to know
> the other contributors. Hopefully you can make it.
> 

I'm GMT+8, so I think maybe I can't attend the weekly call. And I'm afraid my spoken english is too bad to talk with other contributors smoothly. ^_^
Is there a IRC? It will be good to me.

Thanks
 Bian

> Cheers
> 
> Belén
> 
> >
> >Thanks
> > Bian
> >
> >> Cheers
> >>
> >> Belén
> >>
> >> >
> >> >If so, would you telling me how to use it.
> >> >
> >> >Thanks
> >> > Bian
> >> >--
> >> >_______________________________________________
> >> >toaster mailing list
> >> >toaster@yoctoproject.org
> >> >https://lists.yoctoproject.org/listinfo/toaster
> >

Re: question about authentication

[Barros Pena, Belen]

On 09/10/2015 04:42, "Bian, Naimeng" <biannm@cn.fujitsu.com> wrote:

>
>I'm GMT+8, so I think maybe I can't attend the weekly call. And I'm
>afraid my spoken english is too bad to talk with other contributors
>smoothly. ^_^

No worries :)

>Is there a IRC? It will be good to me.

We all hang out in the Yocto Project IRC channel, but we could consider
creating a channel for Toaster, if that would be useful.

Would everybody else be ok with this?

Cheers

Belén


>
>Thanks
>Bian

Re: question about authentication

[Barros Pena, Belen]

On 12/10/2015 18:13, "toaster-bounces@yoctoproject.org on behalf of Barros
Pena, Belen" <toaster-bounces@yoctoproject.org on behalf of
belen.barros.pena@intel.com> wrote:

>
>
>On 09/10/2015 04:42, "Bian, Naimeng" <biannm@cn.fujitsu.com> wrote:
>
>>
>>I'm GMT+8, so I think maybe I can't attend the weekly call. And I'm
>>afraid my spoken english is too bad to talk with other contributors
>>smoothly. ^_^
>
>No worries :)
>
>>Is there a IRC? It will be good to me.
>
>We all hang out in the Yocto Project IRC channel, but we could consider
>creating a channel for Toaster, if that would be useful.

So we discussed this today, and the problem is that a separate IRC channel
would still be subject to the time difference problem (we won't be there
during Bian's working hours). So Bian, if you have questions, the best
ways to reach us are:

1. Send email to this mailing list
2. Ping us on the main yocto IRC channel if we are around (we are belen,
michaelw, bavery, ed and elliot).

People, if you are not in the yocto IRC channel, you probably should :)

Cheers

Belén

>
>Would everybody else be ok with this?
>
>Cheers
>
>Belén
>
>
>>
>>Thanks
>>Bian
>
>
>-- 
>_______________________________________________
>toaster mailing list
>toaster@yoctoproject.org
>https://lists.yoctoproject.org/listinfo/toaster

Re: question about authentication

[Bian, Naimeng]

> -----Original Message-----
> From: Barros Pena, Belen [mailto:belen.barros.pena@intel.com]
> Sent: Wednesday, October 14, 2015 11:58 PM
> To: Barros Pena, Belen; Bian, Naimeng; toaster@yoctoproject.org
> Subject: Re: [Toaster] question about authentication
> 
> On 12/10/2015 18:13, "toaster-bounces@yoctoproject.org on behalf of Barros
> Pena, Belen" <toaster-bounces@yoctoproject.org on behalf of
> belen.barros.pena@intel.com> wrote:
> >
> >On 09/10/2015 04:42, "Bian, Naimeng" <biannm@cn.fujitsu.com> wrote:
> >
> >>
> >>I'm GMT+8, so I think maybe I can't attend the weekly call. And I'm
> >>afraid my spoken english is too bad to talk with other contributors
> >>smoothly. ^_^
> >
> >No worries :)
> >
> >>Is there a IRC? It will be good to me.
> >
> >We all hang out in the Yocto Project IRC channel, but we could consider
> >creating a channel for Toaster, if that would be useful.
> 
> So we discussed this today, and the problem is that a separate IRC channel would
> still be subject to the time difference problem (we won't be there during Bian's
> working hours). So Bian, if you have questions, the best ways to reach us are:
> 
> 1. Send email to this mailing list
> 2. Ping us on the main yocto IRC channel if we are around (we are belen, michaelw,
> bavery, ed and elliot).

OK. I got it.

Thanks
 Bian

> 
> People, if you are not in the yocto IRC channel, you probably should :)
> 
> Cheers
> 
> Belén
> 
> >
> >Would everybody else be ok with this?
> >
> >Cheers
> >
> >Belén
> >
> >
> >>
> >>Thanks
> >>Bian
> >
> >
> >--
> >_______________________________________________
> >toaster mailing list
> >toaster@yoctoproject.org
> >https://lists.yoctoproject.org/listinfo/toaster

question about authentication

[Bian, Naimeng]

Hi all

Does toaster support permission management in Build Mode? 

The permission management what I want to talk about is not http://toaster-server:8000/admin.
My question is that is there any login page for authentication.

If not, does it mean everyone who can access Toaster server can do everything including create/edit Project.
and do we have any plan to do it.

If so, would you telling me how to use it.

Thanks
 Bian