Hey, On my branch of geonode here: http://github.com/ltucker/geonode there is some backing for this -- it adds the url /data/acls that outputs json as described in:
http://atlas.openplans.org/~dwinslow/geonode-spec/spec/technical/geonode-core/geoserver/permissions.html User administration is just standard django administration, so django docs may be helpful. You can create a django admin user via: django-admin createsuperuser --settings=capra.settings and then visit /admin in GeoNode to add other Users. To make Layers appear in the security json, you'll need to add UserRowLevelPermissions that relate some User, some Layer and some layer Permission (like maps | layer | view ), this can also be done in the django admin. Both of these can also easily be done via python if needed in tests. I tossed in an 'is_superuser' and 'is_anonymous' flag into the json structure. Currently superuser is related to the is_superuser flag on the django User object, but it's unclear to me whether that is what we mean by it -- should be enough for testing though. An admin's list of ro and rw layers currently only includes explicitly created permissions. As specified, you can use HTTP basic auth or pass along a django sessionid cookie -- currently http basic auth takes precedence for a given request if both are present. You can quickly poke the django endpoint using something like: curl --user admin:admin http://localhost:8000/data/acls I'm not sure what your hours are like, but if you catch me (ltucker) in irc on #geonode I can help get you set up / troubleshoot and figure out if anything you need is missing. Hope it helps, - Luke On Tue, Jul 13, 2010 at 2:52 PM, Andrea Aime <[email protected]> wrote: > Hi, > as you may know I'm working on the GEoSErver/GeoNode security integration. > > At the moment I have the pieces needed for integration written > and lightly tested here: > http://github.com/aaime/geonode/tree/security > (btw, reviews and comments welcomed) > > By tested I mean that the whole system is based on a GeoNodeClient > interface, that supposedly should be implemented so that > it talks to GeoNode, but for the moment it is just mocked > so that the integration tests for the classes sitting on top > of it can work. > > Sooo... I need to write the network layer. In order to do that > it would be quite helpful to have a Geonode with a working > security API that I can hit. Where do I get that? > > Btw, I also never used GeoNode, is there any guide on user management? > > Finally, did you see the thread on this ml about the administrator > user? GeoServer needs an admin level user to work, there is just > too many parts assuming there is such kind of a user. > So the json documents exchanged between GeoNode and GeoServer > should also include a flag telling GeoServer wheter the user > in question is an administrator or not. > > Well, let me know :-) > > Cheers > Andrea > > -- > Andrea Aime > OpenGeo - http://opengeo.org > Expert service straight from the developers. >
