DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=42952>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=42952 [EMAIL PROTECTED] changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #20561|0 |1 is obsolete| | ------- Additional Comments From [EMAIL PROTECTED] 2007-07-30 12:16 ------- Created an attachment (id=20566) --> (http://issues.apache.org/bugzilla/attachment.cgi?id=20566&action=view) makes PolicyAuthorizer check for "visit" role explicitly, adds default group to admin.addUser following richard's approach, this patch adds a "add to default group" checkbox to the addUser usecase. for some reason, adding the user to the group does not yet work - there are some debug messages left in the code, grep for "####" in the logs. perhaps someone can help here? andreas has convinced me that coding special group and role semantics into usecases is not such a swell idea. overly generic GUIs with confusing error messages aren't, either... this patch introduces two special cases: * the "visit" role is used by the PolicyAuthorizer to grant access to pages * the "users" group is given visit rights and is presented as "default group" in the addUser usecase. this is ugly. but it could be remedied with a new "pseudo-usecase": ac.visit. it doesn't do anything, but it has roles attached to it via usecase-policies.xml, and the policyAuthorizer could maybe delegate the role checking to the usecaseAuthorizer. gets rid of the hardcoded visit semantics. that leaves the default group. it could be made configurable in the gui (thus putting the semantics into the publication, where they belong), or we could introduce a new accreditable <anyUser/> that includes all authenticated users. probably easier to maintain than an extra group... wdyt? -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
