<html><head><meta http-equiv="Content-Type" content="text/html charset=windows-1252"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;">Hi Alessandro,<div><br></div><div>my point of view inline.</div><div><br></div><div>Regards,</div><div>Francesco</div><div><br><div><div>On 20 May 2015, at 00:54, Alessandro Sarretta <<a href="mailto:alessandro.sarretta@gmail.com">alessandro.sarretta@gmail.com</a>> wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite">
<meta http-equiv="content-type" content="text/html; charset=utf-8">
<div bgcolor="#FFFFFF" text="#000000">
Dear all,<br>
I'm writing here before adding a comment on GitHub to ask you for
confirmation of some issues I'm encountering.<br>
<br>
Two general questions:<br>
<ul>
<li>I've seen that there is no longer a "registered" users group
where the users are assigned by default. Is this correct? I
think it should be useful to have it to differentiate
permissions between non-registered and registered users.</li>
<li>In the "Explore people" page I can only see the first 20
people, but there is no way to move to the following pages.
Changing in the URL (.../people/?limit=20&offset=0) the
"limit" from 20 to something bigger can solve the problem, but
it seems clear there's something missing in that page.<br>
</li>
</ul>
Then, playing around with groups and members, I found some other
inconsistencies in the visibility of groups and members (<a href="https://github.com/GeoNode/geonode/issues/1784">issue 1784</a>),
in particular looking in the profile page
(<a class="moz-txt-link-freetext" href="http://geonodewebsite/people/profile/xxx">http://geonodewebsite/people/profile/xxx</a>). I'm explaining them here
in detail hoping this could help in solving the issue:<br>
<ol>
<li>A user can always see which group he's a member of (ok)<br>
</li>
<li>When a group is public, users can always see if another user
is a member of that group (ok)</li>
<li>When a group is private, users in general can't see if another
user is a member of that group (ok)</li>
<li>If a user is a member of a private group, he can't see if
another user is a member of that group (not sure about the
correctness of this, but I would say that it should be possible)<br></li></ol></div></blockquote>In general it depends. From a security perspective that should be possible based on the role and privileges kept by the user inside the group. Long story short, in the coarse-grained authorization model (manager, not manager) only the manager should be able to see other members, even if this potentially could be a choice (a role in such a specific group with visibility of members), but here we would be treating a fine-grained authorization model and I don’t think that is the use case of the current groups functionality, IMHO.<br><blockquote type="cite"><div bgcolor="#FFFFFF" text="#000000"><ol start="4"><li>
</li>
<li>If a manager of a private group looks in the profile pages of
members of that group, he can't see if those users are members
of the group (in my opinion this is not correct)</li></ol></div></blockquote>I’m with you<br><blockquote type="cite"><div bgcolor="#FFFFFF" text="#000000"><ol start="6">
<li>The previous behaviour is the same even if the manager is also
superuser (again I think this is not correct).</li></ol></div></blockquote>It’s a consequence of the previous point<br><blockquote type="cite"><div bgcolor="#FFFFFF" text="#000000"><ol start="6">
</ol><p>Just to add one last piece of information on that: a non-registered user now
can see everything (all groups and their members) in the "Explore
Groups" page, even if the groups are private (and this is the
issue 1784), but he can't see anything about membership in the
user profile page (and this is correct).<br>
The only difference between a non-registered user and a registered
one in the profile page is that the registered user can see a
"Group" header, but without anything below (see attached images).<br>
</p>
Let me know whether you have the same issues and if it's ok to
report them on GitHub.<br>
Thank you,<br>
<br>
Ale<br>
<br>
<div class="moz-signature">
<font color="grey" face="courier,verdana,arial,sans-serif" size="2"> --
<p>Alessandro Sarretta</p><p>
skype/twitter: alesarrett<br>
Web: <a href="http://ilsarrett.wordpress.com/">ilsarrett.wordpress.com</a>
</p><p>Research information:<br>
</p>
<ul>
<li><a href="http://scholar.google.it/citations?user=IsyXargAAAAJ&hl=it">Google
scholar profile</a></li>
<li><a href="http://orcid.org/0000-0002-1475-8686">ORCID</a></li>
<li><a href="https://www.researchgate.net/profile/Alessandro_Sarretta">Research
Gate</a></li>
<li><a href="https://impactstory.org/AlessandroSarretta"><span><small.png></span></a></li>
</ul>
</font>
</div>
</div>
<span><registered.png></span><span><nonRegistered.png></span>_______________________________________________<br>geonode-users mailing list<br><a href="mailto:geonode-users@lists.osgeo.org">geonode-users@lists.osgeo.org</a><br>http://lists.osgeo.org/cgi-bin/mailman/listinfo/geonode-users<br></blockquote></div><br></div></body></html>