Docs for roles/role_cfg #4221
Docs for roles/role_cfg #4221
Conversation
andreyaksenov
force-pushed
the
roles-samples
branch
2 times, most recently
from
1ea3af2 to
1609842
Compare
andreyaksenov
force-pushed
the
roles-samples
branch
2 times, most recently
from
b9c3af8 to
12b4c1c
Compare
andreyaksenov
force-pushed
the
roles-samples
branch
3 times, most recently
from
0bcfb08 to
8564127
Compare
andreyaksenov
force-pushed
the
roles-samples
branch
2 times, most recently
from
c8cd763 to
6359787
Compare
andreyaksenov
force-pushed
the
roles-samples
branch
from
6359787 to
349a2e8
Compare
andreyaksenov
force-pushed
the
roles-samples
branch
2 times, most recently
from
ea06e5e to
92ff4ba
Compare
andreyaksenov
force-pushed
the
roles-samples
branch
8 times, most recently
from
798140c to
2910993
Compare
andreyaksenov
force-pushed
the
roles-samples
branch
2 times, most recently
from
d07d3e2 to
adb540a
Compare
andreyaksenov
force-pushed
the
roles-samples
branch
from
a84584e to
b90eb99
Compare
andreyaksenov
force-pushed
the
roles-samples
branch
from
b90eb99 to
5f8c589
Compare
There was a problem hiding this comment.
Great addition, I finally understood what are these application roles :)
One general question: should we maybe provide more cross-links to doc pages where built-in roles and module roles are explained or used? I mean, you say there are built-in roles, and the reader wonders What built-in roles? Is there a list? How to use them?
doc/concepts/configuration.rst
Outdated
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | ||
|
|
||
| An application role is a Lua module that implements specific functions or logic. | ||
| You can enable or turn off a particular role for certain instances in a configuration without restarting these instances. |
There was a problem hiding this comment.
"enable or turn off" sounds inconsistent. Let's use one word for the two states (enable/disable or turn on/off)
| Loading an application | ||
| ********************** | ||
| This section describes how to enable and configure roles. | ||
| To learn how to develop custom roles, see :ref:`application_roles`. |
There was a problem hiding this comment.
You write about custom roles, but there there is no explanation of non custom roles. Maybe add a sentence about them to the first paragraph?
There was a problem hiding this comment.
Good point, updated the intro of this section to tell a bit about different types of roles.
| As the most of configuration options, roles and their configurations can be defined at :ref:`different levels <configuration_scopes>`. | ||
| Given that the ``roles`` option has the ``array`` type and ``roles_cfg`` has the ``map`` type, there are some specifics of applying the configuration: | ||
|
|
||
| - For ``roles``, an instance's role takes precedence over roles defined at another level. |
There was a problem hiding this comment.
| - For ``roles``, an instance's role takes precedence over roles defined at another level. | |
| - For ``roles``, an instance's role overwrites all roles defined at another levels. |
Nit: overwrites seems a more straightforward verb to explain that other roles are discarded.
doc/how-to/app/app_roles.rst
Outdated
|
|
||
| Roles can be divided into the following groups: | ||
|
|
||
| - Roles provided by Tarantool. |
There was a problem hiding this comment.
| - Roles provided by Tarantool. | |
| - Tarantool's built-in roles. |
Nit: this sounds more natural to me (if this wording is correct in our terminology).
| - A role is a container for privileges that can be granted to users. Learn more in :ref:`access_control_concepts_roles`. | ||
| - A role of a replica set in regard to sharding. Learn more in :ref:`vshard_config_sharding_roles`. |
There was a problem hiding this comment.
| - A role is a container for privileges that can be granted to users. Learn more in :ref:`access_control_concepts_roles`. | |
| - A role of a replica set in regard to sharding. Learn more in :ref:`vshard_config_sharding_roles`. | |
| - A user role is a container for privileges that can be granted to users. Learn more in :ref:`access_control_concepts_roles`. | |
| - A sharding role of a replica set in regard to sharding. Learn more in :ref:`vshard_config_sharding_roles`. |
Just an idea, to decrease readers' confusion a bit
There was a problem hiding this comment.
A user role
Sounds better but a role can also has a role :) So, it's better to keep it as is.
A sharding role of a replica set in regard to sharding.
sharding meets two times in this case and add some confusion.
doc/how-to/app/app_roles.rst
Outdated
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | ||
|
|
||
| To validate a role's configuration, you need to define the :ref:`validate([cfg]) <roles_api_reference_validate>` function. | ||
| The ``cfg`` argument allows you to get access to the provided :ref:`role's configuration <roles_create_custom_role_config>` and check its validity. |
There was a problem hiding this comment.
| The ``cfg`` argument allows you to get access to the provided :ref:`role's configuration <roles_create_custom_role_config>` and check its validity. | |
| The ``cfg`` argument provides access to the :ref:`role's configuration <roles_create_custom_role_config>` and check its validity. |
Seems shorter and easier to read
|
|
||
| .. _roles_create_space: | ||
|
|
||
| Specifics of creating spaces |
There was a problem hiding this comment.
| Specifics of creating spaces | |
| Creating spaces in roles |
There was a problem hiding this comment.
This applies to creating spaces for applications in general. So, I'm going to move this section outside this topic at some moment.
|
|
||
| .. _roles_life_cycle_stopping_roles: | ||
|
|
||
| 2) *Stopping roles* |
There was a problem hiding this comment.
Maybe Spotting removed roles or smth like that? the current wording surprised me and took some time to understand which roles we're talking about
| For roles that :ref:`depend <roles_create_custom_role_dependencies>` on each other, their ``validate()``, ``apply()``, and ``stop()`` functions are executed taking into account the dependencies. | ||
| Suppose, there are two independent roles (``role1``, ``role2``) and three roles that depend on each other as follows: | ||
|
|
||
| .. code-block:: none |
There was a problem hiding this comment.
Maybe add a verbal explanation? It's unclear to me now.
|
|
||
| .. data:: dependencies | ||
|
|
||
| (Optional) Define a role's dependencies. |
There was a problem hiding this comment.
| (Optional) Define a role's dependencies. | |
| (Optional) Role's dependencies. |
Nit: IMO, verbs are not needed in option/parameter/variable descriptions in references.
andreyaksenov
force-pushed
the
roles-samples
branch
from
b9a535c to
d5cf730
Compare
It's a good idea. AFAIK, Tarantool provides only one role for now. For roles provided by external modules, this question goes beyond roles. Currently, I know two external modules that provide its own roles: CRUD and expirationd (and the docs gives a link to CRUD as an example). At the same time, any information for these modules are missing in our docs. I'll create an issue to think how to deal with this. |
Docs for roles.
sharded_cluster_crudsample to using built-in CRUD roles.hello worldrole without config.hello worldrole with config.Configurationtopic:appwith roles: Enabling and configuring rolesTT_APP_CFGexample toTT_ROLES_CFG: Environment variables | MapConfiguration options overviewsection. Existing topics already cover this info.Developing applications with Tarantool.roles/roles_cfgoptions: rolesappoptions: app