[GeoNode-devel] GeoNode generic roles permissions migration

Paolo Corti pcorti at gmail.com
Fri Jun 5 06:10:17 PDT 2015


Thanks to both for the feedback.
I will do as suggested and come back with a PR
cheers
p

On Fri, Jun 5, 2015 at 1:52 PM, Simone Dalmasso
<simone.dalmasso at gmail.com> wrote:
> Great Paolo!
> We did not create that group by default but there have been some requests
> for that so please add it!
>
>
> 2015-06-05 13:42 GMT+02:00 Francesco Bartoli <xbartolone at gmail.com>:
>>
>> Hi Paolo,
>>
>> Il giorno 05/giu/2015, alle ore 12:42, Paolo Corti <pcorti at gmail.com> ha
>> scritto:
>>
>> Hi
>>
>> I am working on a procedure that should be able to migrate any GeoNode
>> instance from 2.0 to 2.4 (starting from this work that was done by the
>> NEPA geonode people:
>> https://github.com/DOE-NEPA/geonode_2.0_to_2.4_migration). I am almost
>> ready (I will soon send a PR with the code so that this could be
>> beneficial for others that need to do this migration), except that I
>> need to figure out how to proceed with permissions migration.
>>
>> In GeoNode 2.0 for generic roles we have the following situtations:
>>
>> 1) anonymous - Read Only: every user can view/download
>> 2) authenticated - Read Only: every authenticated user can view/download
>> 3) authenticated - Read/Write: every authenticated user can
>> view/download/edit
>>
>> for 1) we can set the following two permissions in guardian ("anyone"
>> is a user):
>>
>> * anyone can view
>> * anyone can download
>>
>> for 2) and 3) we would need to add respectively two (can view, can
>> download) or six (can view, can download, can edit, can edit metadata,
>> can edit styles, can manage) record/s for each different GeoNode user.
>> If the combination of user and resource base is large (as in my case),
>> this will translate in a very large number of records loaded in the
>> guardian table.
>>
>> Is it acceptable in your opinion if for the migration purpose I create
>> a group named 'authenticated' by code and assign all of the users to
>> it, and then proceed with the permission migration assigning the
>> permission for a resource just to the group in case of 2/3? Do you
>> think there is a better approach?
>>
>> I was considering if it would make sense to have this 'authenticated'
>> group created by default in geonode. This would mean to add a signal
>> to assign every freshly created user by default to that group.
>>
>>
>> Makes sense IMHO and does fit into the “notMember” role for group
>> authorization described in this issue #2164
>>
>>
>> ideas?
>> cheers
>>
>> --
>> Paolo Corti
>> Geospatial software developer
>> web: http://www.paolocorti.net
>> twitter: @capooti
>> skype: capooti
>> _______________________________________________
>> geonode-devel mailing list
>> geonode-devel at lists.osgeo.org
>> http://lists.osgeo.org/cgi-bin/mailman/listinfo/geonode-devel
>>
>>
>>
>> _______________________________________________
>> geonode-devel mailing list
>> geonode-devel at lists.osgeo.org
>> http://lists.osgeo.org/cgi-bin/mailman/listinfo/geonode-devel
>>
>
>
>
> --
> Simone



-- 
Paolo Corti
Geospatial software developer
web: http://www.paolocorti.net
twitter: @capooti
skype: capooti


More information about the geonode-devel mailing list