On Thu, Jun 23, 2011 at 11:30 AM, Bryan Kearney bkearney@redhat.com wrote:
On 06/23/2011 10:28 AM, Devan Goodwin wrote:
Could we move this off of /activate and merge with /consumers. An activate is not really a resource and probably doesn't belong on the top level. It's also really similar to regular consumer registration, so I was wondering if we could go to POST /consumers and pass the activation keys as a query param, the same way we specify an owner currently. (and have the code do the needful depending on the params given)
Dmitri was requesting yesterday we move registration to /owners/{key}/consumers, but with this owner-less activation key registration, we should probably leave it at /consumers for now?
Thoughts?
Thanks,
Devan
ActivationKeys are a way to register a machine w/o having credentials. So.. I stuck it at /activate since it would not be protected. If there is a way to make POST /consumers require credentials conditionally then I am all for it.
-- bk
Ah I follow. It's already annotated with @SecurityHole as we have to do manual permission checking. We just need to add noAuth = true to it and adjust the code itself to be prepared for an unauthenticated principal, and let that work if and only if it's an activation key registration.
Thanks,
Devan