* question about authentication
@ 2015-08-31 23:58 Bian, Naimeng
2015-09-01 8:51 ` Barros Pena, Belen
0 siblings, 1 reply; 11+ messages in thread
From: Bian, Naimeng @ 2015-08-31 23:58 UTC (permalink / raw)
To: toaster
Hi all
Does toaster support permission management in Build Mode?
The permission management what I want to talk about is not http://toaster-server:8000/admin.
My question is that is there any login page for authentication.
If not, does it mean everyone who can access Toaster server can do everything including create/edit Project.
and do we have any plan to do it.
If so, would you telling me how to use it.
Thanks
Bian
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: question about authentication
2015-08-31 23:58 question about authentication Bian, Naimeng
@ 2015-09-01 8:51 ` Barros Pena, Belen
2015-09-01 15:48 ` Brian Avery
2015-09-24 0:35 ` Bian, Naimeng
0 siblings, 2 replies; 11+ messages in thread
From: Barros Pena, Belen @ 2015-09-01 8:51 UTC (permalink / raw)
To: Bian, Naimeng, toaster
On 01/09/2015 00:58, "toaster-bounces@yoctoproject.org on behalf of Bian,
Naimeng" <toaster-bounces@yoctoproject.org on behalf of
biannm@cn.fujitsu.com> wrote:
>Hi all
>
>Does toaster support permission management in Build Mode?
No, I'm afraid it doesn't.
>
>
>The permission management what I want to talk about is not
>http://toaster-server:8000/admin.
>My question is that is there any login page for authentication.
>
>If not, does it mean everyone who can access Toaster server can do
>everything including create/edit Project.
Right now, yes: whomever can access the Toaster instance can create and
modify projects, run builds and download artifacts.
>and do we have any plan to do it.
Yes, this is something we have been wanting to do for a while, but haven't
been able to for lack of development resources. We even have some designs
for a project-based basic permissions system providing 3 user types
(administrators, project creators and basic users). We also have a
Bugzilla entry to cover the work:
https://bugzilla.yoctoproject.org/show_bug.cgi?id=6233
If you would be interested in working on this, let me know. I would be
happy to share and discuss the proposed design.
Cheers
Belén
>
>If so, would you telling me how to use it.
>
>Thanks
> Bian
>--
>_______________________________________________
>toaster mailing list
>toaster@yoctoproject.org
>https://lists.yoctoproject.org/listinfo/toaster
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: question about authentication
2015-09-01 8:51 ` Barros Pena, Belen
@ 2015-09-01 15:48 ` Brian Avery
2015-09-24 0:44 ` Bian, Naimeng
2015-09-24 0:35 ` Bian, Naimeng
1 sibling, 1 reply; 11+ messages in thread
From: Brian Avery @ 2015-09-01 15:48 UTC (permalink / raw)
To: Barros Pena, Belen; +Cc: toaster
In the sort term (though I haven't tested this), I think you can
restrict access via apache if you run toaster using wsgi. The built in
Django server isn't made for production use, so if you are concerned
with security this is probably a better configuration anyway.
Here's a googled link about this in case it helps:
https://community.webfaction.com/questions/256/apache-basic-authentication-for-mod_wsgi-inc-django-applications
If this does work (or works with some changes) it would be great if
you let us know!
-brian
On Tue, Sep 1, 2015 at 1:51 AM, Barros Pena, Belen
<belen.barros.pena@intel.com> wrote:
>
>
> On 01/09/2015 00:58, "toaster-bounces@yoctoproject.org on behalf of Bian,
> Naimeng" <toaster-bounces@yoctoproject.org on behalf of
> biannm@cn.fujitsu.com> wrote:
>
>>Hi all
>>
>>Does toaster support permission management in Build Mode?
>
> No, I'm afraid it doesn't.
>
>>
>>
>>The permission management what I want to talk about is not
>>http://toaster-server:8000/admin.
>>My question is that is there any login page for authentication.
>>
>>If not, does it mean everyone who can access Toaster server can do
>>everything including create/edit Project.
>
> Right now, yes: whomever can access the Toaster instance can create and
> modify projects, run builds and download artifacts.
>
>>and do we have any plan to do it.
>
> Yes, this is something we have been wanting to do for a while, but haven't
> been able to for lack of development resources. We even have some designs
> for a project-based basic permissions system providing 3 user types
> (administrators, project creators and basic users). We also have a
> Bugzilla entry to cover the work:
>
> https://bugzilla.yoctoproject.org/show_bug.cgi?id=6233
>
> If you would be interested in working on this, let me know. I would be
> happy to share and discuss the proposed design.
>
> Cheers
>
> Belén
>
>>
>>If so, would you telling me how to use it.
>>
>>Thanks
>> Bian
>>--
>>_______________________________________________
>>toaster mailing list
>>toaster@yoctoproject.org
>>https://lists.yoctoproject.org/listinfo/toaster
>
> --
> _______________________________________________
> toaster mailing list
> toaster@yoctoproject.org
> https://lists.yoctoproject.org/listinfo/toaster
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: question about authentication
2015-09-01 8:51 ` Barros Pena, Belen
2015-09-01 15:48 ` Brian Avery
@ 2015-09-24 0:35 ` Bian, Naimeng
2015-09-25 6:43 ` Barros Pena, Belen
1 sibling, 1 reply; 11+ messages in thread
From: Bian, Naimeng @ 2015-09-24 0:35 UTC (permalink / raw)
To: Barros Pena, Belen, toaster
> -----Original Message-----
> From: Barros Pena, Belen [mailto:belen.barros.pena@intel.com]
> Sent: Tuesday, September 01, 2015 4:52 PM
> Subject: Re: [Toaster] question about authentication
> >
> On 01/09/2015 00:58, "toaster-bounces@yoctoproject.org on behalf of Bian,
> Naimeng" <toaster-bounces@yoctoproject.org on behalf of
> biannm@cn.fujitsu.com> wrote:
>
> >Hi all
> >
> >Does toaster support permission management in Build Mode?
>
> No, I'm afraid it doesn't.
>
> >
> >
> >The permission management what I want to talk about is not
> >http://toaster-server:8000/admin.
> >My question is that is there any login page for authentication.
> >
> >If not, does it mean everyone who can access Toaster server can do
> >everything including create/edit Project.
>
> Right now, yes: whomever can access the Toaster instance can create and
> modify projects, run builds and download artifacts.
>
> >and do we have any plan to do it.
>
> Yes, this is something we have been wanting to do for a while, but haven't
> been able to for lack of development resources. We even have some designs
> for a project-based basic permissions system providing 3 user types
> (administrators, project creators and basic users). We also have a
> Bugzilla entry to cover the work:
>
> https://bugzilla.yoctoproject.org/show_bug.cgi?id=6233
>
> If you would be interested in working on this, let me know. I would be
> happy to share and discuss the proposed design.
>
Thanks for your answer.
It's my pleasure to develop this feature, but I have some other works at the next few weeks,
If it doesn’t matter, I will do it from November.
Although I don't have any experience, because it's my first time to develop a Django project,
I will do my best to complete it with other guys. ^_^
Thanks
Bian
> Cheers
>
> Belén
>
> >
> >If so, would you telling me how to use it.
> >
> >Thanks
> > Bian
> >--
> >_______________________________________________
> >toaster mailing list
> >toaster@yoctoproject.org
> >https://lists.yoctoproject.org/listinfo/toaster
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: question about authentication
2015-09-01 15:48 ` Brian Avery
@ 2015-09-24 0:44 ` Bian, Naimeng
0 siblings, 0 replies; 11+ messages in thread
From: Bian, Naimeng @ 2015-09-24 0:44 UTC (permalink / raw)
To: Brian Avery, Barros Pena, Belen; +Cc: toaster
> -----Original Message-----
> From: Brian Avery [mailto:avery.brian@gmail.com]
> Sent: Tuesday, September 01, 2015 11:48 PM
> To: Barros Pena, Belen
> Cc: Bian, Naimeng/卞 乃猛; toaster@yoctoproject.org
> Subject: Re: [Toaster] question about authentication
>
> In the sort term (though I haven't tested this), I think you can restrict access
> via apache if you run toaster using wsgi. The built in Django server isn't made
> for production use, so if you are concerned with security this is probably a
> better configuration anyway.
> Here's a googled link about this in case it helps:
> https://community.webfaction.com/questions/256/apache-basic-authentication
> -for-mod_wsgi-inc-django-applications
>
> If this does work (or works with some changes) it would be great if you let
> us know!
>
Sorry for my late.
I have confirmed that the apache-basic-authentication can work without any changes from
https://community.webfaction.com/questions/256/apache-basic-authentication-for-mod_wsgi-inc-django-applications
Thanks
Bian
> -brian
>
> On Tue, Sep 1, 2015 at 1:51 AM, Barros Pena, Belen <belen.barros.pena@intel.com>
> wrote:
> >
> >
> > On 01/09/2015 00:58, "toaster-bounces@yoctoproject.org on behalf of
> > Bian, Naimeng" <toaster-bounces@yoctoproject.org on behalf of
> > biannm@cn.fujitsu.com> wrote:
> >
> >>Hi all
> >>
> >>Does toaster support permission management in Build Mode?
> >
> > No, I'm afraid it doesn't.
> >
> >>
> >>
> >>The permission management what I want to talk about is not
> >>http://toaster-server:8000/admin.
> >>My question is that is there any login page for authentication.
> >>
> >>If not, does it mean everyone who can access Toaster server can do
> >>everything including create/edit Project.
> >
> > Right now, yes: whomever can access the Toaster instance can create
> > and modify projects, run builds and download artifacts.
> >
> >>and do we have any plan to do it.
> >
> > Yes, this is something we have been wanting to do for a while, but
> > haven't been able to for lack of development resources. We even have
> > some designs for a project-based basic permissions system providing 3
> > user types (administrators, project creators and basic users). We also
> > have a Bugzilla entry to cover the work:
> >
> > https://bugzilla.yoctoproject.org/show_bug.cgi?id=6233
> >
> > If you would be interested in working on this, let me know. I would be
> > happy to share and discuss the proposed design.
> >
> > Cheers
> >
> > Belén
> >
> >>
> >>If so, would you telling me how to use it.
> >>
> >>Thanks
> >> Bian
> >>--
> >>_______________________________________________
> >>toaster mailing list
> >>toaster@yoctoproject.org
> >>https://lists.yoctoproject.org/listinfo/toaster
> >
> > --
> > _______________________________________________
> > toaster mailing list
> > toaster@yoctoproject.org
> > https://lists.yoctoproject.org/listinfo/toaster
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: question about authentication
2015-09-24 0:35 ` Bian, Naimeng
@ 2015-09-25 6:43 ` Barros Pena, Belen
2015-10-09 3:42 ` Bian, Naimeng
0 siblings, 1 reply; 11+ messages in thread
From: Barros Pena, Belen @ 2015-09-25 6:43 UTC (permalink / raw)
To: Bian, Naimeng, toaster
On 24/09/2015 01:35, "Bian, Naimeng" <biannm@cn.fujitsu.com> wrote:
>> -----Original Message-----
>> From: Barros Pena, Belen [mailto:belen.barros.pena@intel.com]
>> Sent: Tuesday, September 01, 2015 4:52 PM
>> Subject: Re: [Toaster] question about authentication
>> >
>> On 01/09/2015 00:58, "toaster-bounces@yoctoproject.org on behalf of
>>Bian,
>> Naimeng" <toaster-bounces@yoctoproject.org on behalf of
>> biannm@cn.fujitsu.com> wrote:
>>
>> >Hi all
>> >
>> >Does toaster support permission management in Build Mode?
>>
>> No, I'm afraid it doesn't.
>>
>> >
>> >
>> >The permission management what I want to talk about is not
>> >http://toaster-server:8000/admin.
>> >My question is that is there any login page for authentication.
>> >
>> >If not, does it mean everyone who can access Toaster server can do
>> >everything including create/edit Project.
>>
>> Right now, yes: whomever can access the Toaster instance can create and
>> modify projects, run builds and download artifacts.
>>
>> >and do we have any plan to do it.
>>
>> Yes, this is something we have been wanting to do for a while, but
>>haven't
>> been able to for lack of development resources. We even have some
>>designs
>> for a project-based basic permissions system providing 3 user types
>> (administrators, project creators and basic users). We also have a
>> Bugzilla entry to cover the work:
>>
>> https://bugzilla.yoctoproject.org/show_bug.cgi?id=6233
>>
>> If you would be interested in working on this, let me know. I would be
>> happy to share and discuss the proposed design.
>>
>
>Thanks for your answer.
>It's my pleasure to develop this feature, but I have some other works at
>the next few weeks,
>If it doesn¹t matter, I will do it from November.
>Although I don't have any experience, because it's my first time to
>develop a Django project,
>I will do my best to complete it with other guys. ^_^
Hi Bian,
This is great news. Thank you for offering to develop this feature :)
November works very well for us. It will give us some time to finish the
design and discuss it with you. Also, it is the beginning of the next
Yocto Project release cycle (2.0 will be released at the end of October,
so your work will be part of the 2.1 release).
You might know about our weekly contributors call already: it happens
every Wednesday at 4pm GMT. I am not sure how well that works for your
time zone, but joining the call once in a while would give you the chance
to get to know the other contributors. Hopefully you can make it.
Cheers
Belén
>
>Thanks
> Bian
>
>> Cheers
>>
>> Belén
>>
>> >
>> >If so, would you telling me how to use it.
>> >
>> >Thanks
>> > Bian
>> >--
>> >_______________________________________________
>> >toaster mailing list
>> >toaster@yoctoproject.org
>> >https://lists.yoctoproject.org/listinfo/toaster
>
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: question about authentication
2015-09-25 6:43 ` Barros Pena, Belen
@ 2015-10-09 3:42 ` Bian, Naimeng
2015-10-12 17:13 ` Barros Pena, Belen
0 siblings, 1 reply; 11+ messages in thread
From: Bian, Naimeng @ 2015-10-09 3:42 UTC (permalink / raw)
To: Barros Pena, Belen, toaster
> -----Original Message-----
> From: Barros Pena, Belen [mailto:belen.barros.pena@intel.com]
> Sent: Friday, September 25, 2015 2:43 PM
> To: Bian, Naimeng; toaster@yoctoproject.org
> Subject: Re: [Toaster] question about authentication
>
> On 24/09/2015 01:35, "Bian, Naimeng" <biannm@cn.fujitsu.com> wrote:
>
> >> -----Original Message-----
> >> From: Barros Pena, Belen [mailto:belen.barros.pena@intel.com]
> >> Sent: Tuesday, September 01, 2015 4:52 PM
> >> Subject: Re: [Toaster] question about authentication
> >> >
> >> On 01/09/2015 00:58, "toaster-bounces@yoctoproject.org on behalf of
> >>Bian, Naimeng" <toaster-bounces@yoctoproject.org on behalf of
> >>biannm@cn.fujitsu.com> wrote:
> >>
> >> >Hi all
> >> >
> >> >Does toaster support permission management in Build Mode?
> >>
> >> No, I'm afraid it doesn't.
> >>
> >> >
> >> >
> >> >The permission management what I want to talk about is not
> >> >http://toaster-server:8000/admin.
> >> >My question is that is there any login page for authentication.
> >> >
> >> >If not, does it mean everyone who can access Toaster server can do
> >> >everything including create/edit Project.
> >>
> >> Right now, yes: whomever can access the Toaster instance can create
> >> and modify projects, run builds and download artifacts.
> >>
> >> >and do we have any plan to do it.
> >>
> >> Yes, this is something we have been wanting to do for a while, but
> >>haven't been able to for lack of development resources. We even have
> >>some designs for a project-based basic permissions system providing 3
> >>user types (administrators, project creators and basic users). We
> >>also have a Bugzilla entry to cover the work:
> >>
> >> https://bugzilla.yoctoproject.org/show_bug.cgi?id=6233
> >>
> >> If you would be interested in working on this, let me know. I would
> >> be happy to share and discuss the proposed design.
> >>
> >
> >Thanks for your answer.
> >It's my pleasure to develop this feature, but I have some other works
> >at the next few weeks, If it doesn¹t matter, I will do it from
> >November.
> >Although I don't have any experience, because it's my first time to
> >develop a Django project, I will do my best to complete it with other
> >guys. ^_^
>
> Hi Bian,
>
> This is great news. Thank you for offering to develop this feature :)
>
> November works very well for us. It will give us some time to finish the design
> and discuss it with you. Also, it is the beginning of the next Yocto Project
> release cycle (2.0 will be released at the end of October, so your work will
> be part of the 2.1 release).
>
I got it.
> You might know about our weekly contributors call already: it happens every
> Wednesday at 4pm GMT. I am not sure how well that works for your time zone,
> but joining the call once in a while would give you the chance to get to know
> the other contributors. Hopefully you can make it.
>
I'm GMT+8, so I think maybe I can't attend the weekly call. And I'm afraid my spoken english is too bad to talk with other contributors smoothly. ^_^
Is there a IRC? It will be good to me.
Thanks
Bian
> Cheers
>
> Belén
>
> >
> >Thanks
> > Bian
> >
> >> Cheers
> >>
> >> Belén
> >>
> >> >
> >> >If so, would you telling me how to use it.
> >> >
> >> >Thanks
> >> > Bian
> >> >--
> >> >_______________________________________________
> >> >toaster mailing list
> >> >toaster@yoctoproject.org
> >> >https://lists.yoctoproject.org/listinfo/toaster
> >
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: question about authentication
2015-10-09 3:42 ` Bian, Naimeng
@ 2015-10-12 17:13 ` Barros Pena, Belen
2015-10-14 15:58 ` Barros Pena, Belen
0 siblings, 1 reply; 11+ messages in thread
From: Barros Pena, Belen @ 2015-10-12 17:13 UTC (permalink / raw)
To: Bian, Naimeng, toaster
On 09/10/2015 04:42, "Bian, Naimeng" <biannm@cn.fujitsu.com> wrote:
>
>I'm GMT+8, so I think maybe I can't attend the weekly call. And I'm
>afraid my spoken english is too bad to talk with other contributors
>smoothly. ^_^
No worries :)
>Is there a IRC? It will be good to me.
We all hang out in the Yocto Project IRC channel, but we could consider
creating a channel for Toaster, if that would be useful.
Would everybody else be ok with this?
Cheers
Belén
>
>Thanks
>Bian
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: question about authentication
2015-10-12 17:13 ` Barros Pena, Belen
@ 2015-10-14 15:58 ` Barros Pena, Belen
2015-10-15 4:17 ` Bian, Naimeng
0 siblings, 1 reply; 11+ messages in thread
From: Barros Pena, Belen @ 2015-10-14 15:58 UTC (permalink / raw)
To: Barros Pena, Belen, Bian, Naimeng, toaster
On 12/10/2015 18:13, "toaster-bounces@yoctoproject.org on behalf of Barros
Pena, Belen" <toaster-bounces@yoctoproject.org on behalf of
belen.barros.pena@intel.com> wrote:
>
>
>On 09/10/2015 04:42, "Bian, Naimeng" <biannm@cn.fujitsu.com> wrote:
>
>>
>>I'm GMT+8, so I think maybe I can't attend the weekly call. And I'm
>>afraid my spoken english is too bad to talk with other contributors
>>smoothly. ^_^
>
>No worries :)
>
>>Is there a IRC? It will be good to me.
>
>We all hang out in the Yocto Project IRC channel, but we could consider
>creating a channel for Toaster, if that would be useful.
So we discussed this today, and the problem is that a separate IRC channel
would still be subject to the time difference problem (we won't be there
during Bian's working hours). So Bian, if you have questions, the best
ways to reach us are:
1. Send email to this mailing list
2. Ping us on the main yocto IRC channel if we are around (we are belen,
michaelw, bavery, ed and elliot).
People, if you are not in the yocto IRC channel, you probably should :)
Cheers
Belén
>
>Would everybody else be ok with this?
>
>Cheers
>
>Belén
>
>
>>
>>Thanks
>>Bian
>
>
>--
>_______________________________________________
>toaster mailing list
>toaster@yoctoproject.org
>https://lists.yoctoproject.org/listinfo/toaster
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: question about authentication
2015-10-14 15:58 ` Barros Pena, Belen
@ 2015-10-15 4:17 ` Bian, Naimeng
0 siblings, 0 replies; 11+ messages in thread
From: Bian, Naimeng @ 2015-10-15 4:17 UTC (permalink / raw)
To: Barros Pena, Belen, toaster
> -----Original Message-----
> From: Barros Pena, Belen [mailto:belen.barros.pena@intel.com]
> Sent: Wednesday, October 14, 2015 11:58 PM
> To: Barros Pena, Belen; Bian, Naimeng; toaster@yoctoproject.org
> Subject: Re: [Toaster] question about authentication
>
> On 12/10/2015 18:13, "toaster-bounces@yoctoproject.org on behalf of Barros
> Pena, Belen" <toaster-bounces@yoctoproject.org on behalf of
> belen.barros.pena@intel.com> wrote:
> >
> >On 09/10/2015 04:42, "Bian, Naimeng" <biannm@cn.fujitsu.com> wrote:
> >
> >>
> >>I'm GMT+8, so I think maybe I can't attend the weekly call. And I'm
> >>afraid my spoken english is too bad to talk with other contributors
> >>smoothly. ^_^
> >
> >No worries :)
> >
> >>Is there a IRC? It will be good to me.
> >
> >We all hang out in the Yocto Project IRC channel, but we could consider
> >creating a channel for Toaster, if that would be useful.
>
> So we discussed this today, and the problem is that a separate IRC channel would
> still be subject to the time difference problem (we won't be there during Bian's
> working hours). So Bian, if you have questions, the best ways to reach us are:
>
> 1. Send email to this mailing list
> 2. Ping us on the main yocto IRC channel if we are around (we are belen, michaelw,
> bavery, ed and elliot).
OK. I got it.
Thanks
Bian
>
> People, if you are not in the yocto IRC channel, you probably should :)
>
> Cheers
>
> Belén
>
> >
> >Would everybody else be ok with this?
> >
> >Cheers
> >
> >Belén
> >
> >
> >>
> >>Thanks
> >>Bian
> >
> >
> >--
> >_______________________________________________
> >toaster mailing list
> >toaster@yoctoproject.org
> >https://lists.yoctoproject.org/listinfo/toaster
^ permalink raw reply [flat|nested] 11+ messages in thread
* question about authentication
@ 2015-08-31 7:46 Bian, Naimeng
0 siblings, 0 replies; 11+ messages in thread
From: Bian, Naimeng @ 2015-08-31 7:46 UTC (permalink / raw)
To: toaster
Hi all
Does toaster support permission management in Build Mode?
The permission management what I want to talk about is not http://toaster-server:8000/admin.
My question is that is there any login page for authentication.
If not, does it mean everyone who can access Toaster server can do everything including create/edit Project.
and do we have any plan to do it.
If so, would you telling me how to use it.
Thanks
Bian
^ permalink raw reply [flat|nested] 11+ messages in thread
end of thread, other threads:[~2015-10-15 4:17 UTC | newest]
Thread overview: 11+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2015-08-31 23:58 question about authentication Bian, Naimeng
2015-09-01 8:51 ` Barros Pena, Belen
2015-09-01 15:48 ` Brian Avery
2015-09-24 0:44 ` Bian, Naimeng
2015-09-24 0:35 ` Bian, Naimeng
2015-09-25 6:43 ` Barros Pena, Belen
2015-10-09 3:42 ` Bian, Naimeng
2015-10-12 17:13 ` Barros Pena, Belen
2015-10-14 15:58 ` Barros Pena, Belen
2015-10-15 4:17 ` Bian, Naimeng
-- strict thread matches above, loose matches on Subject: below --
2015-08-31 7:46 Bian, Naimeng
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.