[GeoNode-devel] GeoNode generic roles permissions migration
Paolo Corti
pcorti at gmail.com
Thu Jun 18 05:44:33 PDT 2015
here is a migration script that should be able to migrate any GeoNode
2.0 database instance to GeoNode 2.4:
https://github.com/capooti/geonode/blob/migration_from20_to_24/scripts/migrations/migrate20to24/index.rst
feedback is welcome, when we are sure everything works correctly, I
will create a PR with it.
cheers
p
On Fri, Jun 5, 2015 at 3:10 PM, Paolo Corti <pcorti at gmail.com> wrote:
> Thanks to both for the feedback.
> I will do as suggested and come back with a PR
> cheers
> p
>
> On Fri, Jun 5, 2015 at 1:52 PM, Simone Dalmasso
> <simone.dalmasso at gmail.com> wrote:
>> Great Paolo!
>> We did not create that group by default but there have been some requests
>> for that so please add it!
>>
>>
>> 2015-06-05 13:42 GMT+02:00 Francesco Bartoli <xbartolone at gmail.com>:
>>>
>>> Hi Paolo,
>>>
>>> Il giorno 05/giu/2015, alle ore 12:42, Paolo Corti <pcorti at gmail.com> ha
>>> scritto:
>>>
>>> Hi
>>>
>>> I am working on a procedure that should be able to migrate any GeoNode
>>> instance from 2.0 to 2.4 (starting from this work that was done by the
>>> NEPA geonode people:
>>> https://github.com/DOE-NEPA/geonode_2.0_to_2.4_migration). I am almost
>>> ready (I will soon send a PR with the code so that this could be
>>> beneficial for others that need to do this migration), except that I
>>> need to figure out how to proceed with permissions migration.
>>>
>>> In GeoNode 2.0 for generic roles we have the following situtations:
>>>
>>> 1) anonymous - Read Only: every user can view/download
>>> 2) authenticated - Read Only: every authenticated user can view/download
>>> 3) authenticated - Read/Write: every authenticated user can
>>> view/download/edit
>>>
>>> for 1) we can set the following two permissions in guardian ("anyone"
>>> is a user):
>>>
>>> * anyone can view
>>> * anyone can download
>>>
>>> for 2) and 3) we would need to add respectively two (can view, can
>>> download) or six (can view, can download, can edit, can edit metadata,
>>> can edit styles, can manage) record/s for each different GeoNode user.
>>> If the combination of user and resource base is large (as in my case),
>>> this will translate in a very large number of records loaded in the
>>> guardian table.
>>>
>>> Is it acceptable in your opinion if for the migration purpose I create
>>> a group named 'authenticated' by code and assign all of the users to
>>> it, and then proceed with the permission migration assigning the
>>> permission for a resource just to the group in case of 2/3? Do you
>>> think there is a better approach?
>>>
>>> I was considering if it would make sense to have this 'authenticated'
>>> group created by default in geonode. This would mean to add a signal
>>> to assign every freshly created user by default to that group.
>>>
>>>
>>> Makes sense IMHO and does fit into the “notMember” role for group
>>> authorization described in this issue #2164
>>>
>>>
>>> ideas?
>>> cheers
>>>
>>> --
>>> Paolo Corti
>>> Geospatial software developer
>>> web: http://www.paolocorti.net
>>> twitter: @capooti
>>> skype: capooti
>>> _______________________________________________
>>> geonode-devel mailing list
>>> geonode-devel at lists.osgeo.org
>>> http://lists.osgeo.org/cgi-bin/mailman/listinfo/geonode-devel
>>>
>>>
>>>
>>> _______________________________________________
>>> geonode-devel mailing list
>>> geonode-devel at lists.osgeo.org
>>> http://lists.osgeo.org/cgi-bin/mailman/listinfo/geonode-devel
>>>
>>
>>
>>
>> --
>> Simone
>
>
>
> --
> Paolo Corti
> Geospatial software developer
> web: http://www.paolocorti.net
> twitter: @capooti
> skype: capooti
--
Paolo Corti
Geospatial software developer
web: http://www.paolocorti.net
twitter: @capooti
skype: capooti
More information about the geonode-devel
mailing list