[ckan-dev] Groups and permissions

• Previous message: [ckan-dev] Cache problems
• Next message: [ckan-dev] release branches, etc
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Seb,

On Fri, Feb 25, 2011 at 12:43 PM, Seb Bacon <seb.bacon at okfn.org> wrote:
> I understand you did something like this for IATA, where a Department
> is mapped onto a Group, and the authorisation is somehow restricted to
> groups?

Yes, the setup there is interesting/awkward: Each department is
implemented as a (package) group with an attached "shadow"
authorization group. Changes to the pkg group - such as new members -
are partially passed on to the authz group which is also made the
owner of any new package that is created by members of the group. This
way, we can establish "collective ownership" of packages: normal users
cannot edit packages but any member of the same AuthzGroup/Group can.

> If you could point me at any code / documentation or perhaps we should
> have a chat next week, that would be great

The relevant code for this is
https://bitbucket.org/okfn/ckanextiati/src/b2aa3a72c482/ckanext/iati/authz.py
- and I'd be happy to walk you through it next week - just ping me on
Skype.

- Friedrich

• Previous message: [ckan-dev] Cache problems
• Next message: [ckan-dev] release branches, etc
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]