graphite-dev team mailing list archive

Thread
Date

Re: [Question #200730]: Protecting dashboards from users

To: graphite-dev@xxxxxxxxxxxxxxxxxxx
From: Francois Mikus <question200730@xxxxxxxxxxxxxxxxxxxxx>
Date: Mon, 18 Jun 2012 00:51:04 -0000
Reply-to: question200730@xxxxxxxxxxxxxxxxxxxxx
Sender: bounces@xxxxxxxxxxxxx

Question #200730 on Graphite changed:
https://answers.launchpad.net/graphite/+question/200730

Description changed to:
Graphite users may be novices and could easily delete, re-arrange
dashboards that were created.

I understand some of the original intent to have Graphite not deal with
user classes (public, user, admin); I use public in a general way to
describe users that do not have write access in the previous sentence,
but could still be authorized by another external mechanism.

Let's be honest, that's baloney. There will always be a need for user
classes, if simply to help make users and administrators jobs easier.

I understand also, that pickle and raw sockets are not the safest means
of communicating. My question is more on the usability standpoint and
not really from a security/interity standpoint.

Is there a means to protect some dashboards so that they are read-only.
So users can clone them if they wish, but only admins could modify them.
How are others coping with protecting dashboards from fat fingered
users.

I think Graphite is great from a number of standpoints, but this to me
is a big sticking point.

Cheers,

Francois

-- 
You received this question notification because you are a member of
graphite-dev, which is an answer contact for Graphite.