Github user rhtyd commented on the pull request:
https://github.com/apache/cloudstack/pull/1489#issuecomment-215165382
@mlsorensen
- presently, setting bitmask to 0 in commands.properties does not disable
the API but that no roles would have that API; though if an API through its
`authroized` annotation enables itself for a roletype that will be considered
- this feature implements a DENY rule that is checked before annotations
are checked to provide a mechanism to disable an API (or group of APIs if a
wildcard rule is used) that could have been enabled by the annotation (for
example)
@koushik-das
- Existing users are not migrated automatically, they continue to use
static-checker
- Commands.properties file is only removed from codebase, after an upgrade
this file won't be removed by the deb/rpm packages
- New users and installations are no longer encouraged to use the old
static-checker, therefore with the aim of deprecating the static-checker over
time dynamic-checker is enabled by default
- Any change can introduce side-effects and bugs but that does not mean we
should stop innovating or stop improving cloudstack; such an attitude would be
harmful for any project
- I really appreciate your code review, improvement suggestions and testing
feedback instead, on this PR. Thanks.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---
