[ovirt-devel] Important change in UI plugins REST API integration

Einav Cohen ecohen at redhat.com
Wed Dec 3 14:56:00 UTC 2014 

> ----- Original Message -----
> From: "Yaniv Dary" <ydary at redhat.com>
> Sent: Wednesday, December 3, 2014 5:02:19 AM
> 
> Does this affect any 3rd parties that implemented UI plugins?

this affects any UI plugin that utilizes the rest-api-session *generated 
by the ui-plugins infrastructure* outside the context of the client/browser; 
I.e., plugins that send the ui-plugins-infra-generated-rest-api-session-id 
to some (3rd party) server-side (which is not aware of the client's browser/
web-admin status at all) that performs communication with the engine's rest-
api based on that rest-api-session-id. 

> Will they need to change anything or is this change more a behaviour change
> only?

for the plugins that I mentioned above: assuming these plugins would like 
retain their functionality and have their server-side perform communication 
with the engine's rest-api regardless of the current status of the client's 
browser/web-admin (active/logged-in/logged-out/...), they will need to change 
their code to obtain their own rest-api-session (to be used by the server-
side), rather than rely on the rest-api-session that was obtained by the ui-
plugins infrastructure for them; the latter should be used *only* for the 
plugin's *client*-side communication with the engine's rest-api. 

if these plugins will not change their code as described above - these 
plugins' server-side communication with the engine's rest-api will break 
upon web-admin logout (which may be an acceptable 'breakage' for some 
plugins - this is really up to each ui-plugin author to make this decision). 

all other plugins (i.e. plugins that use the ui-plugins-infra-generated-rest-
api-session only within the client context, plugins that don't use this rest-
api-session at all, etc.) can remain as-is - they will not be affected. 

> 
> 
> 
> Yaniv
> 
> ----- Original Message -----
> > From: "Vojtech Szocs" <vszocs at redhat.com>
> > To: "Alon Bar-Lev" <alonbl at redhat.com>
> > Cc: devel at ovirt.org
> > Sent: Tuesday, December 2, 2014 7:12:21 PM
> > Subject: Re: [ovirt-devel] Important change in UI plugins	REST	API
> > 	integration
> > 
> > 
> > 
> > ----- Original Message -----
> > > From: "Alon Bar-Lev" <alonbl at redhat.com>
> > > To: "Sven Kieske" <s.kieske at mittwald.de>
> > > Cc: devel at ovirt.org
> > > Sent: Tuesday, December 2, 2014 9:43:18 AM
> > > Subject: Re: [ovirt-devel] Important change in UI plugins REST	API
> > > 	integration
> > > 
> > > 
> > > 
> > > ----- Original Message -----
> > > > From: "Sven Kieske" <s.kieske at mittwald.de>
> > > > To: devel at ovirt.org
> > > > Sent: Tuesday, December 2, 2014 10:41:00 AM
> > > > Subject: Re: [ovirt-devel] Important change in UI plugins REST API
> > > > 	integration
> > > > 
> > > > 
> > > > 
> > > > On 01/12/14 20:26, Vojtech Szocs wrote:
> > > > > In other words, usability of REST session ID is now strictly
> > > > > scoped to GUI user being authenticated. If the user logs in,
> > > > > (always) new REST session ID will be passed to all UI plugins.
> > > > > If the user logs out, REST session ID will not work anymore.
> > > > 
> > > > What if I use just REST for logging in and doing something
> > > > without any GUI interaction at all?
> > 
> > This announcement was about UI plugins in WebAdmin. If you use
> > Engine REST API without any GUI interaction involved, you aren't
> > affected in any way.
> > 
> > > > 
> > > > this reads a little like: you always need an open web gui
> > > > to be able to use REST, which does not make sense at all.
> > 
> > Sorry if my email confused you. It should read like: if you're
> > an author of oVirt UI plugin for WebAdmin, please beware that
> > REST API session ID (automatically acquired by UI plugin infra
> > on behalf of all UI plugins) will not work after GUI logout.
> > 
> > > 
> > > If you provide your own credentials nothing changed.
> > > 
> > > The change is only effecting RESTAPI usage within the user interface
> > > using
> > > the credentials obtained interactively from the user within login page.
> > > 
> > > > So I guess I'm misreading this?
> > > > 
> > > > --
> > > > Mit freundlichen Grüßen / Regards
> > > > 
> > > > Sven Kieske
> > > > 
> > > > Systemadministrator
> > > > Mittwald CM Service GmbH & Co. KG
> > > > Königsberger Straße 6
> > > > 32339 Espelkamp
> > > > T: +49-5772-293-100
> > > > F: +49-5772-293-333
> > > > https://www.mittwald.de
> > > > Geschäftsführer: Robert Meyer
> > > > St.Nr.: 331/5721/1033, USt-IdNr.: DE814773217, HRA 6640, AG Bad
> > > > Oeynhausen
> > > > Komplementärin: Robert Meyer Verwaltungs GmbH, HRB 13260, AG Bad
> > > > Oeynhausen
> > > > _______________________________________________
> > > > Devel mailing list
> > > > Devel at ovirt.org
> > > > http://lists.ovirt.org/mailman/listinfo/devel
> > > _______________________________________________
> > > Devel mailing list
> > > Devel at ovirt.org
> > > http://lists.ovirt.org/mailman/listinfo/devel
> > _______________________________________________
> > Devel mailing list
> > Devel at ovirt.org
> > http://lists.ovirt.org/mailman/listinfo/devel
> _______________________________________________
> Devel mailing list
> Devel at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/devel

More information about the Devel mailing list