[ckan-dev] help s031 permissions
Sean Hammond
sean.hammond at okfn.org
Fri Aug 17 11:26:12 UTC 2012
> There is a demo-ticket about users being able to edit datasets they
> shouldn't
>
> from what I can see this is a server config setting as the user has
> package_update permission for that package - I have no idea how/where/why
> these are set
>
> does anyone have an idea
>
> http://trac.ckan.org/ticket/2863
Both logged_in and visitor have editor permissions on that dataset and
many others. Are you using the organizations extension? Or the old
rights and roles system? And what behaviour are you trying to get?
The default rights and roles (that get assigned to new users and
packages etc.) are set in the ini file, the four ckan.default.roles.*
settings. If you change these, existing users will still keep their
existing rights for existing packages, you would have to use the paster
rights command to remove them, or just clean the db and start again.
If you let me know how you want it setup I can look at it for you
The docs for it all are here:
http://docs.ckan.org/en/latest/authorization.html
More information about the ckan-dev
mailing list