<HTML><BODY style="word-wrap: break-word; -khtml-nbsp-mode: space; -khtml-line-break: after-white-space; ">I just added a CMS-specific section the bottom of:<DIV><A href="http://wiki.osgeo.org/index.php/SAC:Security_Groups_Policy">http://wiki.osgeo.org/index.php/SAC:Security_Groups_Policy</A></DIV><DIV>... just to wrap my head around how things might relate to the more system-focused roles. More discussion needed, obviously.</DIV><DIV><BR class="khtml-block-placeholder"></DIV><DIV>Tyler</DIV><DIV><BR><DIV><DIV>On 10-Nov-06, at 8:49 AM, Jason Birch wrote:</DIV><BR class="Apple-interchange-newline"><BLOCKQUOTE type="cite"> <DIV dir="ltr" align="left"><FONT face="Arial" color="#0000ff" size="2"><SPAN class="135533316-10112006">There will be a requirement for the CMS to tie into the OpenLDAP server that we will be putting in place in the new hardware. We need to keep our system manageable.</SPAN></FONT></DIV> <DIV dir="ltr" align="left"><FONT face="Arial" color="#0000ff" size="2"><SPAN class="135533316-10112006"></SPAN></FONT> </DIV> <DIV dir="ltr" align="left"><FONT face="Arial" color="#0000ff" size="2"><SPAN class="135533316-10112006">Drupal users need to be fed into / out of this system. Roles need to be pulled from this system, but should be maintained through a secure interface. I don't know much about OG, but it seems that something as flexible as this may not be appropriate unless we're careful about locking it down.</SPAN></FONT></DIV> <DIV dir="ltr" align="left"><FONT face="Arial" color="#0000ff" size="2"><SPAN class="135533316-10112006"></SPAN></FONT> </DIV> <DIV dir="ltr" align="left"><FONT face="Arial" color="#0000ff" size="2"><SPAN class="135533316-10112006">We're also going to need to integrate mediawiki with LDAP. There appears to be good support for this:</SPAN></FONT></DIV> <DIV dir="ltr" align="left"><FONT face="Arial" color="#0000ff" size="2"><SPAN class="135533316-10112006"><A href="http://meta.wikimedia.org/wiki/LDAP_Authentication">http://meta.wikimedia.org/wiki/LDAP_Authentication</A></SPAN></FONT></DIV> <DIV dir="ltr" align="left"><FONT face="Arial" color="#0000ff" size="2"><SPAN class="135533316-10112006"></SPAN></FONT> </DIV> <DIV dir="ltr" align="left"><FONT face="Arial" color="#0000ff" size="2"><SPAN class="135533316-10112006">Jason</SPAN></FONT></DIV><FONT face="Arial" color="#0000ff" size="2"></FONT><FONT face="Arial" color="#0000ff" size="2"></FONT><BR> <DIV class="OutlookMessageHeader" lang="en-us" dir="ltr" align="left"> <HR tabindex="-1"> <FONT face="Tahoma" size="2"><B>From:</B> kanhaiya kale<BR><B>Sent:</B> Friday, November 10, 2006 08:27<BR><B>To:</B> <A href="mailto:dev@webcommittee.osgeo.org">dev@webcommittee.osgeo.org</A>; jitendra<BR><B>Subject:</B> [Web Comm] Drupal modules and it's functionalities<BR></FONT><BR></DIV> <DIV></DIV>Hi,<BR>In drupal, i have seen some modules and it's functionality. I think these modules with minor changes in it will fulfill our requirement. Modules are listed below,<BR> <UL> <LI>Organic Group (og module) : <BR> <UL> <LI>Enable users to create and manage their own 'groups'. <BR> </LI><LI>Each group can have subscribers, and maintains a group page where subscribers can post into. </LI><LI>Membership to groups may be open, moderated, or invitation only. </LI><LI>Any page,forum,poll etc. created by a user of a group 'A' can/cannot be access by a users of group 'B'. </LI><LI>Any post created by a user of group 'A' can/cannot give access to users of group 'B'. </LI><LI><BR></LI></UL> </LI><LI>og block visibility module : <BR> <UL> <LI>This module allows you to specify that a block should be visible only within selected groups. </LI><LI>This can be used for many purposes, from providing each organic group with its own navigation menu, to allowing a group to highlight its own featured content, etc. </LI><LI><BR></LI></UL> </LI><LI>og forum module : <BR> <UL> <LI>Upon creating an og group, it creates a forum container for that group, with a single sub-forum. </LI><LI>A record is also placed in og_term to tie the organic group with the forum container's term ID. </LI><LI>When viewing groups, only forum discussions for that group are displayed. </LI><LI>The og_term table could be useful for other applications of tying groups to taxonomy as well. </LI><LI><BR></LI></UL> </LI><LI>og mandatory group module : <UL> <LI>An add-on for the Organic Groups module that makes one group mandatory for all new users. </LI><LI>Choose one group that all new users will be put into. You can chose either an open or a closed group. Any new user will be auto-approved as member of the group. The group manager(s) of groups that a new user joins will get an automatic e-mail notice. </LI><LI>This module also allows the admin to require a new user to join at least one group during registration by requiring them to choose one of the groups listed in the registration form. This group is in addition to any mandatory group. This feature is disabled by default, is independent of whether a mandatory group is selected, and has no effect if there are no groups listed in the registration form. </LI><LI><BR></LI></UL> </LI><LI>og moderate module : <UL> <LI>Moderate public posts from organic groups module. Moderated posts will be hidden from anonymous visitors. Moderation needs to be done by node administrators or another module. </LI><LI><BR></LI></UL> </LI><LI>og roles : <UL> <LI>This module allows you to, for each group type, specify a list of roles that group administrators are allowed to assign. In the subscriber list (og/users/<node id>), a 'configure member roles' tab will appear if both the group type is allowed to configure roles and the current user is an admin for the group. </LI><LI>For example, if you created a "trusted user" role, and a new node type called "official group," you could allow administrators of only official groups to add selected other group members of to the "trusted user" role. </LI><LI><BR></LI></UL></LI></UL>Regards,<BR>-- <BR>kanhaiya kale (KK) </BLOCKQUOTE></DIV><BR></DIV></BODY></HTML>