[SAC] [OSGeo] #2075: Handling roles

OSGeo trac_osgeo at osgeo.org
Fri Jan 5 06:30:53 PST 2018

#2075: Handling roles
 Reporter:  cvvergara  |       Owner:  webcom@…
     Type:  task       |      Status:  new
 Priority:  normal     |   Milestone:  Unplanned
Component:  WebSite    |  Resolution:
 Keywords:             |

Comment (by robe):

 We can change the default though.  When I setup LDAP, it allowed me to
 change the default role of a person registered via LDAP.  Since we are
 only allowing LDAPs (no more allowing registration on the website) and
 grandfathered accounts to log in, it's way more vetted than having some
 random user off the internet registering on the website.  So we can be
 less cautious.

 Some pages clearly need admin roles like Sponsors page.  I'm not sure
 people are that concerned about an LDAP user defacing a project page for
 example, so not sure those need to be protected as much.

 There is also the possibility of controlling role based on LDAP groups,
 I'm not sure the WPAuthDir has that out of the box, but I don't think it
 would be too hard to extend it if it doesn't or have a sideline PHP script
 that does the job.

Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2075#comment:1>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.

More information about the Sac mailing list