[ckan-discuss] User credentials

David Read david.read at okfn.org
Wed Jun 30 19:03:18 BST 2010

> For the Netherlands we want, at start-up, to control who can
> register packages and create groups. Is there a superuser role
> to set these userrights?

The CKAN editing philosophy, like Wikipedia, is to make barriers low
to edit and crowd-source metadata. CKAN is versioned, so that unwanted
edits can easily be reverted. Currently this seems to work very well
for ckan.net - the positive edits far outweigh the negative edits.

Having said that, there are occasions when stuff needs protecting, and
this is required by our government customers - it sounds like you are
in a similar position.

Users become 'admins' for particular packages and groups, giving the
ability to change authorization settings. So an admin might list
particular users who are the only people allowed to edit a package or
to add packages to a group. The user that creates a package or group
is made 'admin' for it (so ensure you're logged in). Sysadmins can
also give users admin rights.

What we don't have currently is a barrier to creating new packages and
groups. That's not saying we are against it, but it isn't required for
ckan.net or several other CKAN installs, and so we've not had the
requirement for this feature yet.

As ever, if you would like changes to CKAN such as this, make your
case, and we can discuss implementing it.

(Mark, I'm happy to make you and Ton sysadmins for nl.ckan.net - just
send me your openid, or your username as it appears in CKAN when you


More information about the ckan-discuss mailing list