[GeoNode-devel] geoserver-geonode-ext - geonode_authorize_layer.sql modification
Daniel Berry
dberry at boundlessgeo.com
Mon Jul 13 11:13:13 PDT 2015
I would like to propose the pull request be added to the
geoserver-geonode-ext master.
https://github.com/GeoNode/geoserver-geonode-ext/pull/41
The geonode_authorize_layer.sql does not work correctly for group
authentication.
When creating a new group an entry is added to the "auth_group" table
with the first row automatically created for the anonymous group
----
auth_group
id [PK] serial, name character varying(80)
1,anonymous
----
The geonode_authorize_layer function creates the group_ids (integer[])
by querying the "groups_groupmember"."group_id" column.
The issue is that the group_id column does not account for the
anonymous group. So when GeoServer is running the prepared statement.
The result is actually "groups_groupmember"."group_id" -1. A quick fix
is just to add 1 to each value in the "group_ids", since the anonymous
group will always be the first entry.
I replaced the following in geonode_authorize_layer.sql
SELECT INTO group_ids array_agg("groups_groupmember"."group_id" + 1)
FROM "groups_groupmember"
WHERE "groups_groupmember"."user_id" = "user".id;
with the following:
SELECT INTO group_ids array_agg("groups_groupmember"."group_id" + 1)
FROM "groups_groupmember"
WHERE "groups_groupmember"."user_id" = "user".id;
--
*Daniel Berry*
Professional Services Engineer | Boundless
dberry at boundlessgeo.com
512-468-3946 (cell)
@boundlessgeo
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/geonode-devel/attachments/20150713/4d7b3122/attachment.html>
More information about the geonode-devel
mailing list