[Building Sakai] New User Role

Steve Swinsburg s.swinsburg at lancaster.ac.uk
Sat May 30 03:00:12 PDT 2009 

Hi Ketan,

You can get the Role that a user has in a site (realm), then check if  
that role has the required permission via role.isAllowed(String  
permission).

As for things being cleared, how are you injecting the Sakai services  
(userDirectoryService for example). Are you using Spring via  
components.xml or are you using the ComponentManager in your  
ExternalLogic constructor?
Have you got your code anywhere public so we could take a look?


cheers,
Steve

---
Steve Swinsburg
Portal Systems Developer
Centre for e-Science
Lancaster University
Lancaster
LA1 4YT

email: s.swinsburg at lancaster.ac.uk
phone: +44 (0) 1524 594870

On 30/05/2009, at 8:49 AM, Ketan Nale wrote:

> Hi Steve,
>
>         This seems nice . So no need to maintain authorizations at  
> tool level. I created myTool.read , myTool.write , myTool.delete ,  
> myTool.view like permissions.
>         When user wants to view/add/update/delete something he  
> should pass SecuityService's unlock check is it correct ?
>         When user first time (at index page) hits securityService  
> unlock method its wokin fine , but if he renders to next page  
> securityService get set to NULL
>         Also unable to get result from ant method of ExternalLogic
>         Is there something missing ? Also sakai's MyLittle session  
> get changed to normal http session.
>
> cheers,
> Ketan
>
>
>
> --- On Fri, 29/5/09, Steve Swinsburg <s.swinsburg at lancaster.ac.uk>  
> wrote:
>
> From: Steve Swinsburg <s.swinsburg at lancaster.ac.uk>
> Subject: Re: [Building Sakai] New User Role
> To: "KetanNale" <ketan_nale at yahoo.com>
> Cc: sakai-dev at collab.sakaiproject.org
> Date: Friday, 29 May, 2009, 1:29 PM
>
> Hi,
>
> You need to add it to the appropriate realm for that site type, then  
> propagate it to all sites. Ie if the site type you want to add the  
> new role to is 'project', then you need to create the new role in  
> the !site.template.project realm. Note that in an OOTB Sakai this  
> realm doesn't exist, so you can just copy the !site.template realm  
> to !site.template.project.
>
> If your role should go to all sites regardless of type you can  
> create the new role in the !site.template realm.
>
> Then, when new sites are created with that site type, they will  
> inherit this new role.
>
> Use the Admin Realms tool. You can either duplicate one of the  
> existing roles or start from scratch.
>
> Now, you need to backfill the new role into the sites you need. By  
> far the easiest method I use is a webservice and Perl script to  
> iterate over and copy the new role into the sites. I've attached  
> copyRole.txt which is a web service that you should put into SAKAI- 
> SRC/webservices/axis/src/webapp/SakaiScript.jws and rebuild/redeploy  
> the webservices project.
>
> Then, enable web service logins in sakai.properties  
> (webservices.allowlogin=true for 2.5.x but a bit more complicated in  
> 2.6.x+, post back if you need help).
>
> Now, using the attached perl script, add in the sites you want to  
> edit, the template site, the roles you want to sync and the relevant  
> username/password/urls, and run it. It will iterate over the sites  
> and sync up the roles from the template.
>
> If you are hesitant, use the test script first which will just check  
> your webservice connection.
>
>
> cheers,
> Steve
>
> ---
> Steve Swinsburg
> Portal Systems Developer
> Centre for e-Science
> Lancaster University
> Lancaster
> LA1 4YT
>
> email: s.swinsburg at lancaster.ac.uk
> phone: +44 (0) 1524 594870
>
>
>
>
> On 29/05/2009, at 7:12 AM, KetanNale wrote:
>
>>
>> How we can assign unique role to user for all sites.
>> It should not dependent on access and maintain roles of  site.
>>
>> -- 
>> View this message in context: http://www.nabble.com/New-User-Role-tp23774713p23774713.html
>> Sent from the Sakai - Development mailing list archive at Nabble.com.
>>
>> _______________________________________________
>> sakai-dev mailing list
>> sakai-dev at collab.sakaiproject.org
>> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
>>
>> TO UNSUBSCRIBE: send email to sakai-dev-unsubscribe at collab.sakaiproject.org 
>>  with a subject of "unsubscribe"
>
>
> Explore and discover exciting holidays and getaways with Yahoo!  
> India Travel Click here!

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20090530/ab1ebbe4/attachment.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2437 bytes
Desc: not available
Url : http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20090530/ab1ebbe4/attachment.bin

More information about the sakai-dev mailing list