I'd propose to add the methods regarding the user/role stuff to the Security-Interface and the SecurityImpl-class. There already are some methods regarding user/role management (hasRole()...)
In general I think it would be better to have only one place (e.g. LDAP) where users are managed and give slide the ability to access the LDAP-user/roles.
What if you add a user and auto-create it in slide. After that you grant a permission to this user and delete the user lateron? The user will not be deleted in slide as no auto-delete can be done. So you have an inconsistent user database where some users in slide exist that don't exist in your primary user store anymore.
Adding your propsed methods is a good thing anyway as many users might need some simple methods to create users and add roles at slide api level.
Regards,
Daniel
Jamie Mortimore wrote:
On Mon, 2004-04-26 at 10:52, Martin Holz wrote:
I added a createUser method to the Content interface and implementation,I have been thinking about MacroImpl as the right place or a new
ContentImpl. You may decide this is not the right place for a create
user method if Content is only supposed to handle more low level
operations. In which case the functionality could be moved to the only
place createUser is called from - AbstractWebdavMethod.run.
helper for higher level user management.
Sounds good - I'll move the method(s) there.
The createUser method takes 3 parameters:Shouldn't this be a potentially empty list of roles?
* root - The SlideToken to use to perform the necessary operations -
this should have the credentials of a root user in order to perform the
operations successfully.
* userName - The name of the new user.
* role - The role of the new user. Pass in null to create the user
without any roles.
Potentially yes. I didn't add support for lists of roles as the previous version (if it had worked) didn't support it (not that that's a good reason not to add it).
I was thinking about adding a set of methods along the lines of:
addUser removeUser addRole removeRole addUserToRole removeUserFromRole
The servlet would need it too, if it wants to create a directoryI modelled the createUser method around what I could gather was being done in the XMLUnmarsheller during creation of users at startup.
The createUser method is only called from one place -
AbstractWebdavMethod.run. I am assuming this is an entry point for all
wedav methods. The first thing this method now does is:
listing for a GET on a collection.
Are you saying there is a way webdav methods are called that do not go through AbstractWebdavMethod.run? Is there a more appropriate place to call the createUser method (eg at the start of WebdavServlet.service)?
I'm going to be using slide on a project I'm working on at the moment and can devote some time to fixing any problems that would effect this project + any enhancements required.
Would it be helpful if I provide a patch that includes the above against the latest cvs version of Slide? Obviously I don't want to spend time on another patch if someone else is already looking at integrating this functionality.
Jamie.
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
