[GeoNode-devel] GeoNode generic roles permissions migration
Simone Dalmasso
simone.dalmasso at gmail.com
Fri Jun 5 04:52:55 PDT 2015
Great Paolo!
We did not create that group by default but there have been some requests
for that so please add it!
2015-06-05 13:42 GMT+02:00 Francesco Bartoli <xbartolone at gmail.com>:
> Hi Paolo,
>
> Il giorno 05/giu/2015, alle ore 12:42, Paolo Corti <pcorti at gmail.com> ha
> scritto:
>
> Hi
>
> I am working on a procedure that should be able to migrate any GeoNode
> instance from 2.0 to 2.4 (starting from this work that was done by the
> NEPA geonode people:
> https://github.com/DOE-NEPA/geonode_2.0_to_2.4_migration). I am almost
> ready (I will soon send a PR with the code so that this could be
> beneficial for others that need to do this migration), except that I
> need to figure out how to proceed with permissions migration.
>
> In GeoNode 2.0 for generic roles we have the following situtations:
>
> 1) anonymous - Read Only: every user can view/download
> 2) authenticated - Read Only: every authenticated user can view/download
> 3) authenticated - Read/Write: every authenticated user can
> view/download/edit
>
> for 1) we can set the following two permissions in guardian ("anyone"
> is a user):
>
> * anyone can view
> * anyone can download
>
> for 2) and 3) we would need to add respectively two (can view, can
> download) or six (can view, can download, can edit, can edit metadata,
> can edit styles, can manage) record/s for each different GeoNode user.
> If the combination of user and resource base is large (as in my case),
> this will translate in a very large number of records loaded in the
> guardian table.
>
> Is it acceptable in your opinion if for the migration purpose I create
> a group named 'authenticated' by code and assign all of the users to
> it, and then proceed with the permission migration assigning the
> permission for a resource just to the group in case of 2/3? Do you
> think there is a better approach?
>
> I was considering if it would make sense to have this 'authenticated'
> group created by default in geonode. This would mean to add a signal
> to assign every freshly created user by default to that group.
>
>
> Makes sense IMHO and does fit into the “notMember” role for group
> authorization described in this issue #2164
> <https://github.com/GeoNode/geonode/issues/2164>
>
>
> ideas?
> cheers
>
> --
> Paolo Corti
> Geospatial software developer
> web: http://www.paolocorti.net
> twitter: @capooti
> skype: capooti
> _______________________________________________
> geonode-devel mailing list
> geonode-devel at lists.osgeo.org
> http://lists.osgeo.org/cgi-bin/mailman/listinfo/geonode-devel
>
>
>
> _______________________________________________
> geonode-devel mailing list
> geonode-devel at lists.osgeo.org
> http://lists.osgeo.org/cgi-bin/mailman/listinfo/geonode-devel
>
>
--
Simone
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/geonode-devel/attachments/20150605/615e0e5b/attachment.html>
More information about the geonode-devel
mailing list