[CWB] [ cwb-Feature Requests-2806390 ] CQPweb: view user access rights

SourceForge.net noreply at sourceforge.net
Sun Jan 3 21:50:33 CET 2010 

Feature Requests item #2806390, was opened at 2009-06-15 02:55
Message generated for change (Settings changed) made by andrewhardie
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=722306&aid=2806390&group_id=131809

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: CQPweb
Group: None
>Status: Closed
Priority: 5
Private: No
Submitted By: Andrew Hardie (andrewhardie)
Assigned to: Andrew Hardie (andrewhardie)
Summary: CQPweb: view user access rights

Initial Comment:
The user admin page should give some way for the superuser to see at a glance

(a) what groups this user is a member of
(b) what corpora these groups have access to

(there should, of course, be a parallel view for groups)

Currently, this information is spread across dozens of different files, spread across the server. It should be in the mySQL databse for easy access. Whenever access rights are changed, the mySQL database will update.

(a) add a field to user_settings, listing groups the user is a member of (text field with groups separated by "|")
(b) add a table called "groups", with the group name as a key and then a text field with the corpora they have access to; again separating with pipe.
(c) make the add-and-remove functions for this new table modular so admins not using apache can access these functions easily via execute.php when they update things.
(d) have a function to update the groups table to "sync" it to the htaccess files, and another to sync the htaccess file to the group table.

Actually, (a) is probably not needed. The users' group membership can easily be accessed using $data = file($the_htgroup_file); or a function in Apache class.  The key thing that is spread out is the groups' access rights - that's what needs to be kept in one place.

t



----------------------------------------------------------------------

>Comment By: Andrew Hardie (andrewhardie)
Date: 2010-01-03 20:50

Message:
v2.11 implements the "view which corpora a group has access to all in one
place" requirement. The other suggestion in this FR, ie the "view which
groups a user belongs to", is less critical (you can see this pretty easily
from the "Manage group membership page"). So I am closing this FR.

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=722306&aid=2806390&group_id=131809

More information about the CWB mailing list