Forum OpenACS Development: Re: API Browser Support for Other Programming Languages

Collapse
Posted by Carl Lemp on
I have a couple of other questions related to this topic if someone could be so kind to share their expertise.

If I want to treat source code as content (code-content) and allow users to leverage the features of the apm and api-browser to import and explore this code-content using OpenACS, is there a way to restrict the scope of the api-browser to only certain packages? To use these tools for this purpose, it would be better if the user only had access to the imported code-content but not be exposed to the the normal code-packages that make up the OpenACS site. Is that possible within a single site?

I noticed that when setting up a sub-site, the api-browser was not an application that can be installed in a sub-site so I assume it's scope is site-wide. Is there any way to restrict that?

Thanks in advance,
Carl

Collapse
Posted by Iuri Sampaio on
Carl,
If I understood correctly you need, the best way to inhibit api-browser from the user is to work properly with permission system.
Site-wide-administration, SWA, is designed to own (i.e. have access) the entire system, to access api-browser, developer support tools, and a bunch of other features. You don't want to change that. Believe me!

A Subsite administrator is the one you should be setting up to be your admin for site administration tasks.
https://openacs.org/doc/configuring-configuring-permissions

Could you create a custom package for that?
A possibility is to make it available to site admins, then they won’t have access to the api-browser section, but they will have access to your "custom code library" package.

Best wishes
I

Collapse
Posted by Carl Lemp on
Luri,
What I would like to do is allow the user to use the api-browser but only them to browse packages they loaded, not packages that are part of the base system.

If I understand your answer correctly, the api-browser has site-wide-administration permissions and it is bad idea to change those permissions. So, to do what I want, the best way would be to create a separate package with the same capabilities (maybe starting with the same code?) as the api-browser and set the permissions of that package as I need them. Is that correct?

Thanks,
Carl

Collapse
Posted by Gustaf Neumann on
Actually, i do not see the big problem in changing permissions of the api-browser.

The api-browser was designed and implemented as a singleton package for providing documentation for developers about the code running on this instance (there is only one code basis). If one wants multiple instances to be used for different purposes, maybe in multiple subsites, one has to
- remove the singleton-property (with all consequences),
- make the package subsite-aware (maybe not much),
- provide configuration options per instance (what kind of code you want to see),
- extend the API in what instance the data should be seen (and maybe provide as well source-code language information)
- extend the data-model (i.e. the nsvs, naming etc.)

This is some effort, but it it look in general doable to me, since the existing API and datastructures are rather simple. One should be able to provide default settings, such that existing usages can continue to work unmodified.