[Mageia-webteam] Proposal for maintainers database API
nicolas vigier
boklm at mars-attacks.org
Tue Mar 8 16:54:05 CET 2011
On Tue, 08 Mar 2011, Romain d'Alverny wrote:
> On Tue, Mar 8, 2011 at 13:13, nicolas vigier <boklm at mars-attacks.org> wrote:
> > No comment about using the website to take/drop maintainership, or using
> > a command line tool ?
>
> Both in the end. But I am not sure how to manage the authorization (or
> the drop) in both cases:
> * through web UI, that's easy: the user that drops has to be the very
> maintainer or an admin;
Yes. And for taking maintainership, the package should not be currently
maintained by someone (other than 'nobody').
> * through the CLI, would it auth against the maintdb app or through
> the buildsystem that, in turn, would notify the maintdb?
It would auth through the buildsystem, the buildsystem checks that the
user is either admin, maintainer of the package, or that the package is
unmaintained (using maintdb public method), then forward the request to
maintdb using the private method.
Or the buildsystem can do the auth, and forward the request to maintdb
private method without doing any check, but including in the request
the login name of the user requesting the change so that maintdb can
check the permission. This one is probably better if we want to allow
changes using both website and CLI as it avoids doing the same checks
in two different places.
>
> (but that may be just over specification to this point)
>
> Aside, I've written down this
> http://mageia.org/wiki/doku.php?id=web:maintdb#specs_actions after
> having re-read this whole thread; it is likely incomplete but that's a
> possible outcome of the discussion: setting down what minimal
> behaviour is expected from the maintdb for it to be used.
It looks good.
But I would change this :
* POST https://maintdb/packages
user - string - optional - login of the user pushing the package
The user string should not be optional but mandatory.
* GET https://maintdb/packages
Returns a list such as:
packagename / maintainers login / last commit date / url to bugs report / url to package repo
I don't think we should return url to bugs report and url to package
repo here. For the "last commit date", we don't have this info. The
info we can have is "last sucessful submit date" (the last time the
private method was called on that package).
More information about the Mageia-webteam
mailing list