[Building Sakai] Alert: You do not have permission to add or remove user(s) with role 'xxx'.
will at serensoft.com
will at serensoft.com
Thu Jan 28 15:28:35 PST 2010
Short version:
Which permission allows a worksite role to assign roles to other users?
Long version:
We're getting the "Alert: You do not have permission to add or remove
user(s) with role 'xxx'." message for most role-changes, but not for
all of them.
For example, we want role "Assistant" to be able to take any
participant in the "Student" role and promote them to "Assistant" role
or "Technical Help" role.
We've determined that:
- site.viewRoster allows role members to see worksite participants listed
- site.upd.site.mbrshp gives the role-select popup menus and the update button
With both of these checked, a user can try a new role for someone and
click 'update participants' -- "Alert: You do not have permission to
add or remove user(s) with role 'xxx'."
System administrators (in the !admin realm) have no problem changing
other users' roles, of course. But we're not willing to hand those
keys-to-the-kingdom to just any TA. :)
Looking for "java.roleperm" in the site-manage code, there are checks
for whether the new role has "site.upd" permissions. Maybe that's the
snag here? If so is there a way around it?
Presumably 2.6 is similar to what's documented here:
http://confluence.sakaiproject.org/display/DOC/Permission+Definitions+in+Sakai+2.5
If the answer is there, we missed it. :(
Ideas?
--
will trillich
"The ancestor of every action is a thought" -- Ralph Waldo Emerson
More information about the sakai-dev
mailing list