A remark: we must use constants to avoid hard-coding literal string values
Like:
return isMemberOf(SecurityConstants.ADMINISTRATORS);
and not
return isMemberOf("administrators");
Bogdan
Tiry wrote:
Le jeudi 19 avril 2007 à 14:46 +0200, Frédéric Thise a écrit :
Unfortunately yes,
for example in NuxeoPrincipalImpl, "administrators" is hardcoded:
public boolean isAdministrator()
{
try {
return isMemberOf("administrators");
} catch (ClientException e) {
// TODO Auto-generated catch block
e.printStackTrace();
return false;
}
}
This was added a few days ago in order to guard some administration
actions.
If needed, this method could be pluggable.
...
"Olivier Grisel" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
Frédéric Thise a écrit :
Hello,
i would like to map the groups from my LDAP server to the Nuxeo
groups
(administrators, members) but i don't want to use these names in my
LDAP
server (besides administrators is reserved in my Active directory
server)..
Is there a way to map group names? eg: in LDAP:
'nuxeo_administrators'
mapped to 'administrators'.
You are free to use other group names and give them the needed rights
at the
root of your domains using the rights management tab. You can use the
the
defaultAdministratorId tag to setup a virtual administrator.
Hopefully security checks are done on permissions and not group names
but their
might be a few places in the code where groupnames are hardcoded.
--
Olivier
_______________________________________________
ECM mailing list
[email protected]
http://lists.nuxeo.com/mailman/listinfo/ecm
_______________________________________________
ECM mailing list
[email protected]
http://lists.nuxeo.com/mailman/listinfo/ecm
_______________________________________________
ECM mailing list
[email protected]
http://lists.nuxeo.com/mailman/listinfo/ecm
