[SAC] Re: Indictrans: Initial TODO List
Jason Birch
Jason.Birch at nanaimo.ca
Fri Oct 27 16:53:23 EDT 2006
We'll also need the ability to delegate the control for a subset of
roles to PSC administrators.
For instance, the FDO project will need several roles within SVN
(FDOcore, FDOrdbms, FDOoracle, etc)
While I think it's OK/important for an OSGeo super-admin to have access
to all roles, I don't think that each project admin should have full
access to administer all roles.
Jason
-----Original Message-----
From: Frank Warmerdam [mailto:warmerdam at pobox.com]
Sent: Friday, October 27, 2006 13:37
To: Tyler Mitchell
Cc: sac at sac.osgeo.org
Subject: [SAC] Re: Indictrans: Initial TODO List
Tyler,
In SAC we did some initial discussion of group permissions a few months
ago, and came up with the following somewhat minimalist categories.
http://wiki.osgeo.org/index.php/SAC:Security_Groups_Policy
Howard has done a bit more thinking on this since, and has some
additional ideas, though I'm not sure if they are available in the wiki
or not.
I have asked Swapnil and team to think about some sort of web
application to help manage what groups people are in. Which seems to be
what you are describing.
In IRC someone mentioned a PHP LDAP Admin tool that looked quite
promising for general LDAP administration, but it seemed quite technical
for when we just need to add a user into a new permissions group (for
instance when they are given commit privs on a project).
It may well be that Bob's sysadmin has advice on organizing permissions
groups and how to administer them, but unless there is a better solution
I am interested in having the Indictrans team assist in building an easy
to use administration tool for permissions.
More information about the Sac
mailing list