Glad to hear you were able to get this working :) On Wed, Jul 14, 2010 at 4:45 AM, Andrea Aime <[email protected]> wrote:
> > I played with the django administration and managed to get some ro > layers pop up in the json output by adding the "can view" permission > on the layer to the desired user, and it seems that to get > rw I need to add both "view" and "change" (sounds a bit odd to me, > writing does not imply reading?) > > I agree there is probably no case for having write permission without read -- the logical model and user interface for setting these will improve as this matures. You can see the model in the map security tickets like http://projects.opengeo.org/CAPRA/ticket/545 -- I assume something similar will go in for Layers too. At the bottom of it though, there are orthogonal permissions like unix file permissions, which is what you're seeing. In my opinion, it's useful to be able to just test for a read permission and not have to worry about logical implications when checking the ability to read (or whatever) in the rest of the code. On Wed, Jul 14, 2010 at 7:20 AM, Andrea Aime <[email protected]> wrote: > > Btw, the response I get is missing another bit that I need: the user > name. There are a few parts of GeoServer code that do use the user > name for error reporting or for logging purposes (e.g. versioning > WFS), not to mention showing in the admin GUI who are you logged > in as. > > I can fill it myself for the basic auth case, but I cannot do the > same for cookie based auth. > > Can you add a "name" property to the json object you're returning? Done. The anonymous user's name field comes through as the empty string with is_anonymous=true. On Wed, Jul 14, 2010 at 9:26 AM, Andrea Aime <[email protected]> wrote: > > > Cool. The only thing I don't get at the moment is the name of > > the shared cookie. I guess I could get away by just throwing all cookies > > back to GeoNode... > > Btw, figured that out in the meantime, it's "sessionid" > You're right, but one caveat. The name of this cookie is also a configurable setting in django. I'm not really sure how often folks need to change it though. - Luke
