Am Montag, 4. April 2011, 21:58:06 schrieb Guido Berhoerster:
* Adrian Schröter
[2011-04-04 16:59]: That's unfortunate, is there any reason why this cannot be made publically accessible?
Yes, the api is for developers in first place. We do not want to have random load (and some requests can create a lot load) on our server without control about it.
So we may abadone /public and ask our remote instances to use at login at some point of time.
The information can already be obtained as described in my intial mail, although that is quite a kludge and inefficient as it requires several instead of a single request.
Just create a user and use /source directly. If that user creates too much load we can block it and talk back to you in that situation for a solution. Otherwise we do need to block entire IPs or access to /public in general.
I don't think it is currently possible to create per-application accounts which are not bound to a person but can be distributed with an application, is it?
right, it isn't. And I wonder if this should be possible ever, because following our rule developers first for the api, it should be always bound to persons. So the application would need to ask the user for login/password. If we want to have something public for end users, we should transfer the data to another host on deliver it from there. This host would be able to work way more efficient, because it does not need to do all kinds of permission checks. What is the use case for your example ? -- Adrian Schroeter SUSE Linux Products GmbH email: adrian@suse.de -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-buildservice+help@opensuse.org