On Thu, Apr 27, 2017 at 8:28 PM, Shane Curcuru <[email protected]> wrote: > * Proposal for new data format: * > [private] > Everything in this section is Member private only.
Sounds good to me. > * What I think we need to implement this: * > > - Make /orgchart *not* require httpd auth > > - Add use ASF::Auth::Members to roster/config.ru I'd recommend not changing the roster tool. It is useful to committers - they can see their subscriptions, update membership of podlings, etc. What I would suggest instead is to create an orgchart.cgi duplicating the code that you see in the roster tool. You probably don't even need rack. What that means is that your script will have to look at the URL to decide what to output. Look for "request" in members/watch.cgi for an example. Duplicating sounds bad, but you have plenty of changes, for example linking to the phonebook instead of the roster tool. There will be some common code, such as parsing the orgchart... that can be factored out to lib/whimsy/asf. > Is that it? Or am I missing something? I don't know how to change the > httpd auth safely - is that practical in it's current location, or does > it need to move into another directory? HTTP auth is something you have to add to a directory. By default /orgchart would be public. - Sam Ruby
