[annotator-dev] default permissions

Thu Apr 5 19:54:10 UTC 2012

Hi Amir,

Sorry for the terse reply -- on the move with 'phone only.

See 'Auth#withToken()' --- something like:

    var setPerms = function (tok) { ... };
    ann.plugins.Auth.withToken(setPerms)

Best,
N

On 5 Apr 2012, at 20:26, Amir More <habeanf at gmail.com> wrote:

hey nick

i tried to apply something like:
 .annotator('addPlugin', 'Permissions', {
       permissions: { 'read': ['alice'], 'update': ['alice'], ... }
   })
only i realized that for now, I don't know who the user is. annotateit
replies with the username/id as part of the token request. i debugged the
annotator bootstrap - since the token is received asynchronously I
basically don't know the annotateit username until the annotator's plugin's
token callbacks have been called (or at least, until the token rpc has
returned)

what i need is a method of setting the permissions after annotateit's
userobj is known, so that i can set:
.annotator.addPlugin('Permissions',{permissions:{'delete';[...Permissions.user]}})
or something like that

-a

On Tue, Apr 3, 2012 at 18:31, Amir More <habeanf at gmail.com> wrote:

> thanks for the info, i think i get it.
>
> i'll get back to you next week after the weekly coding meetup.. btw is it
> just me or is the annotateit.org service faster than it used to be?
> annotations seem to be loading much faster than before
>
>
> On Tue, Apr 3, 2012 at 00:55, Nick Stenning <nickstenning at gmail.com>wrote:
>
>> Hi Amir,
>>
>> The first thing to note is that the Permissions plugin is completely
>> configurable: see the source code for documentation on what you can
>> configure, in particular the "userAuthorize" option.
>>
>> If you want to set the default annotation permissions, you can do so
>> when you initialise the plugin:
>>
>>    .annotator('addPlugin', 'Permissions', {
>>        permissions: { 'read': ['alice'], 'update': ['alice'], ... }
>>    })
>>
>> As to the confusion between userId and username, note that AnnotateIt
>> uses usernames as userIds. As far as Annotator itself is concerned,
>> there is the user object (set with Permissions#setUser()) which can be
>> absolutely anything, and the userId and userString, which are
>> *defined* as the result of running Permissions.options.userId(<user
>> object>) or Permissions.options.userString(<user object>).
>>
>> Lastly, note that the default userAuthorize function assumes the
>> entries in the permissions lists will be userIds.
>>
>> Does that clarify the situation at all?
>>
>> -N
>>
>> On Mon, Apr 2, 2012 at 21:01, Amir More <habeanf at gmail.com> wrote:
>> > hey nick,
>> >
>> > while working on deletion functionality in the marginviewer i noticed
>> that
>> > by default, an annotation created by the default editor (while the
>> > permissions and store plugins are in use) does not by default list the
>> > creating user as the admin (or any permission) of the annotation the
>> user
>> > created.
>> >
>> > is this on purpose?
>> > i'm trying to understand what needs to be done so that the user has a
>> > certain set of permissions by default.
>> >
>> > i read up on the permissions/store plugins in the github wiki but i
>> can't
>> > figure out the idiomatic method of adding a permission (by default or
>> > otherwise).
>> > in some examples the user's id is used, while in others the user's
>> username
>> > is used (?)
>> >
>> > am i missing something?
>> >
>> > thanks
>> >
>> > -a
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.okfn.org/pipermail/annotator-dev/attachments/20120405/1da09296/attachment-0002.html>