fish
Guppy
Posts: 65
|
Post by fish on Nov 29, 2017 7:40:40 GMT
That does sound like a statement that was made in the specification before the concept of the custom/OEM role was added. I'll take this back to the group and get an opinion, but in my view you should be able to create a user with an assigned OEM role - not have to create and then modify it. Jeff OK, thanks!
|
|
fish
Guppy
Posts: 65
|
Post by fish on Nov 28, 2017 12:42:49 GMT
Hi, I'm having problem to understand how to use custom (OEM) roles for a manager account. Handling of accounts and roles seems to be specified in section 9.2.8 “Privilege model/Authorization” (DSP0266 v1.3.0).
If I want to use a custom role, why would I need to create the account with a predefined role first, and after this update it to a custom role directly after? (Or is there some other way?) See text from specification below:
- "This specification defines a set of predefined roles, one of which shall be assigned to a user when a user is created." (I assume that "user" in text above refers to the manager accounts in the AccountService. OK?) Or should it be OK to create an account directly with a custom/OEM role? If so, maybe the specification text above needs to be rephrased/clarified?
|
|
fish
Guppy
Posts: 65
|
Post by fish on Nov 24, 2017 16:06:24 GMT
Hi,
The Redfish API specification (DSP0266 v1.3.0, section 8.2 “Asynchronous operations”) states: “The client may cancel the operation by performing a DELETE on the Task Monitor URL. …The client may also cancel the operation by performing a DELETE on the Task resource.”
This section says nothing about if the server “shall” support cancelling of asynchronous operations via DELETE of task resource or task monitor. Therefore my current assumption is that this is an optional server feature, and not mandatory for severs to support. Would you agree? May other questions would be about the bullet list in the end of this section. This section seems to repeat some of the previous descriptions, in more formal summary form. Is this bullet-list a summary of all mandatory (“shall”) and optionally (“should/may”) requirements? Is this then also evidence of that this type of cancelling of ongoing asynchronous operation is not mandatory for servers? (As cancel of ongoing asynchronous operation is missing in the bullet list.) Or what is the scope of this list?
|
|