[Registry-dev] UserManager using itself
Glen Daniels
glen at wso2.com
Wed Nov 7 08:59:38 PST 2007
Hey folks!

We had a conversation yesterday here at the California hackathon about
the fact that right now, it's the Registry codebase that holds and
manages the permissions for actions that are really about the
UserManager - for instance, who is allowed to "add role" or "grant
permission". While this is OK if the Registry is the only user of the
UM code, we know that's not going to be the case into the future, and it
would be nice if each product wouldn't have to rewrite this code.

I'd like to refactor this so that all the permissions relating to
users/roles/permissions are themselves built in to the UserManager. I
see this working as follows - we'd have two ways to get Realm
interfaces. One would just go directly against the backend to change
things; like what we have now. This is the "administrative" API. Then
there will also be a way to obtain Realm interfaces on behalf of an
authenticated user - these instances will have built-in authorizers, and
framework code like this:

    public void addUser(String username, Object credentials)
            throws UserManagerException
    {
        if (!myAuthorizer.isUserAuthorized(myname, USERMANAGER_RESOURCE,
                                           EDIT_USERS_ACTION)) {
            throw new UnauthorizedException("Not allowed!");
        }
        backendImplementation.addUser(username, credentials);
    }

So this basically involves just adding a few constant resource IDs and
actions, and putting framework code in between the interfaces and the
"administrative" backends.

Thoughts / comments?

--Glen
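
The two kinds of Realm described in the message above, as an added sketch that is not part of the original post and not WSO2 UserManager code. Every type name, the string constants and the deny-by-default grant table are hypothetical; only the method shape and the check follow the snippet in the message.

```java
import java.util.*;

// Added illustration: all names here are assumptions, not the UserManager API.
public class RealmDemo {
    static final String USERMANAGER_RESOURCE = "usermanager";
    static final String EDIT_USERS_ACTION = "edit-users";

    interface Realm { void addUser(String username, Object credentials); }
    interface Authorizer { boolean isUserAuthorized(String user, String resource, String action); }

    // "Administrative" API: goes directly against the backend, no checks at all.
    static class BackendRealm implements Realm {
        final Map<String, Object> users = new HashMap<>();
        public void addUser(String username, Object credentials) { users.put(username, credentials); }
    }

    // Realm obtained on behalf of an authenticated user. The caller identity is
    // fixed at construction, so individual calls cannot claim to be someone else.
    static class AuthorizingRealm implements Realm {
        private final String caller;
        private final Authorizer authorizer;
        private final Realm backend;
        AuthorizingRealm(String caller, Authorizer authorizer, Realm backend) {
            this.caller = caller; this.authorizer = authorizer; this.backend = backend;
        }
        public void addUser(String username, Object credentials) {
            if (!authorizer.isUserAuthorized(caller, USERMANAGER_RESOURCE, EDIT_USERS_ACTION))
                throw new SecurityException(caller + " is not allowed to " + EDIT_USERS_ACTION);
            backend.addUser(username, credentials);
        }
    }

    // Deny by default: only explicitly granted (user, resource, action) triples pass.
    static class GrantTable implements Authorizer {
        private final Set<List<String>> grants = new HashSet<>();
        void grant(String user, String resource, String action) { grants.add(List.of(user, resource, action)); }
        public boolean isUserAuthorized(String user, String resource, String action) {
            return grants.contains(List.of(user, resource, action));
        }
    }

    public static void main(String[] args) {
        BackendRealm admin = new BackendRealm();   // handle kept to bootstrap code only
        GrantTable authz = new GrantTable();
        authz.grant("alice", USERMANAGER_RESOURCE, EDIT_USERS_ACTION);  // constructed sample users
        new AuthorizingRealm("alice", authz, admin).addUser("carol", "pw1");
        try {
            new AuthorizingRealm("bob", authz, admin).addUser("dave", "pw2");
        } catch (SecurityException e) { System.out.println("denied: " + e.getMessage()); }
        System.out.println("users in backend: " + admin.users.keySet());
    }
}
```

The check only holds if the caller name passed to the wrapper comes from the authentication step and the unchecked backend handle is never reachable from code that serves user requests.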