On 11/23/2010 09:10 AM, Piotr Dziubecki wrote:
> Hi,
>
> I have a couple of questions regarding the Invitation application ( space ).
>
> 1. Is there a possibility to clear the invitation list ? I know there is a
> 'Rescind Invitation' button, but
> i.e. I cannot remove invitation with status 'Declined' ( This action cannot
> be carried out because all of
> the messages selected are of the wrong status. ) even if I have Admin rights.
If you are an administrator, you can delete records of messages from the
Invitation.InvitationMessages document where they are stored as objects. To
clear all of the
records, you can rename or delete the entire document. Obviously there are
security implications to
allowing a user to send mail from your server and then cover his tracks by
deleting the records.
>
> 2. User who sent the invitation to another potential user asked me whether he
> could somehow receive an
> information about the new user account details ( his login at least ).
> Typically we want to invite someone
> to give him an access to edit some documents and such information would help
> with grating him access rights.
> Is there a possibility to get to such info ?
This is not currently implemented but it sounds to me like a very good idea.
Since the Invitation
code exists at the application level, you can make the change now in
Invitation.InvitationGuestActions
Search for this text:
#setMessageStatus($message, 'accepted')
and replace with this:
#setMessageStatus($message, 'accepted', "Invitation accepted and registered as
[[$request.getParameter('xwikiname')]]")
(That is off the top of my head, it may require some tinkering to make it work.)
>
> 3. This is more a feature request, but maybe it's already implemented. Is it
> possible to specify a group to
> which user will be subscribed when he accept the invitation from us ? That
> could ease the process of
> configuring user account a lot :)
This is not easy to implement right now. You could add a hook in the same place
as where the message
is updated but the invitation application would need to run with programming
rights and it would be
inviting security vulnerabilities.
This will become a very easy task if we switch from granting permissions based
on having one's name
listed on a "permitted list" to granting permissions based on one holding a
cryptographically signed
"hall pass".
Caleb
>
> Thanks in advance,
> Piotr
> _______________________________________________
> users mailing list
> [email protected]
> http://lists.xwiki.org/mailman/listinfo/users
>
_______________________________________________
users mailing list
[email protected]
http://lists.xwiki.org/mailman/listinfo/users
