Custom Query (2152 matches)

Filters
 
Or
 
  
 
Columns

Show under each result:


Results (472 - 474 of 2152)

Ticket Resolution Summary Owner Reporter
#1025 fixed Default authz can be set in config dread dread

Reported by dread, 3 years ago.

Description

Currently the default authz for a package is hard-coded to:

 <PackageRole user="visitor" role="editor" context="Package">,
 <PackageRole user="logged_in" role="editor" context="Package">,

This should be configurable in the config, so that you can have a more locked down instance etc.

#468 fixed Default config file has commented out configuration variable johnbywater johnbywater
#1066 fixed Default reader role too permissive dread dread

Reported by dread, 3 years ago.

Description

The definition of the 'reader' role includes creating packages, which is too permissive for some CKAN instances (e.g. DGU). 'Reader' suggests only reading, so I think this role should avoid creating and editing.

All projects so far want all roles to be able to create users, so this stays as a Reader action for now, as a convenience.

Implementation:

  • Action.PACKAGE_CREATE removed from reader's default_role_actions
  • Visitor has a new default role, called 'anon_editor' which can edit packages, but not groups / auth groups - you have to log in for that.
  • Migration script not needed?
  • Code comments written, to make clear the suggested policy
Note: See TracQuery for help on using queries.