Indictrans: Initial TODO List
Frank Warmerdam
warmerdam at pobox.com
Fri Oct 27 16:36:42 EDT 2006
Tyler Mitchell wrote:
> Swapnil,
> We could use your help just generally on one administrative item:
> role/permission management. Obviously this will affect you as
> well. Right now we have some broad, general, site-wide roles/groups.
> But we lack user permissions at a node level. Do you have any
> experience with this? Can you draw up some suggestions for how we
> manage our users, groups, roles, etc. on the site?
Tyler,
In SAC we did some initial discussion of group permissions a few
months ago, and came up with the following somewhat minimalist
categories.
http://wiki.osgeo.org/index.php/SAC:Security_Groups_Policy
Howard has done a bit more thinking on this since, and has some
additional ideas, though I'm not sure if they are available in the
wiki or not.
I have asked Swapnil and team to think about some sort of web application
to help manage what groups people are in. Which seems to be what you
are describing.
In IRC someone mentioned a PHP LDAP Admin tool that looked quite
promising for general LDAP administration, but it seemed quite technical
for when we just need to add a user into a new permissions group (for
instance when they are given commit privs on a project).
It may well be that Bob's sysadmin has advice on organizing permissions
groups and how to administer them, but unless there is a better solution
I am interested in having the Indictrans team assist in building an easy
to use administration tool for permissions.
Best regards,
--
---------------------------------------+--------------------------------------
I set the clouds in motion - turn up | Frank Warmerdam, warmerdam at pobox.com
light and sound - activate the windows | http://pobox.com/~warmerdam
and watch the world go round - Rush | President OSGeo, http://osgeo.org
More information about the Sac
mailing list