Custom Query (2152 matches)

Filters
 
Or
 
  
 
Columns

Show under each result:


Results (91 - 93 of 2152)

Ticket Resolution Summary Owner Reporter
#321 duplicate Delegate authentication to Drupal thejimmyg johnbywater

Reported by johnbywater, 4 years ago.

Description

When CKAN is included in a Drupal front-end, CKAN edit pages are used in a slave-mode, such that authentication is delegated to the Drupal front-end user model.

The Drupal front-end shall have:

  1. Login page - fixed location, can authenticate users, on successful authentication sets auth cookie and redirects to HTTP_REFERER.
  1. Access control resource - fixed location, can authorise users, on receipt of valid auth cookie return message listing account details and permitted actions.
  1. Access denied page - fixed location, static resource, gently

indicates what has happened, and how to ask for permission.

The CKAN slave edit page shall:

  1. Try to detect a Drupal session key (passed as cookie or as request param).
  1. Redirect to Drupal login page if no session key.
  1. Check authorisation if session key is found.
  1. Redirect to access denied page if session key not authorised.
  1. Present the Package edit page.
  1. Reject unauthenticated or unauthorised edit submissions.
  1. Snag invalid edit submissions from authenticated and authorised users.
  1. Respond to valid edit submissions from authenticated and authorised users, by saving the new package state, and redirecting to Package read page in Drupal front-end.
#358 duplicate Resources in REST API rgrp dread

Reported by dread, 4 years ago.

Description

(spun out of ticket:336)

Resource added to model API at:

api/rest/resource

Example model request

GET to: /api/2/rest/resource/a3dd8f64-9078-4f04-845c-e3f047125028

returns:

 [{"id": "a3dd8f64-9078-4f04-845c-e3f047125028",
   "package_id": "b8a325c8-af2a-43f3-8245-9db7d73dfbfe",
   "URL": "http://scraperwiki.com/lincolnshire-councillors", 
   "format": "CSV", 
   "Description": "Scrape of www.lincs.gov/councillors.pdf by ScraperWiki.",
   "hash": "", 
   "position": 2
 }]

Authorization

  1. Have it generic (ie. not per resource) and use an action/role on system
  2. Require all resources to attach to packages an inherit their permissions (i.e. read/write etc if and only read/write on associated packages)
  3. Introduce Resource in authorization system (requires migration)

Mixed model

Create / Edit:

if resource associated to package:
    check_permissions(package, update)
else:
    check_system_permissions(c.user, model.Action.Resouce Create/Update, model.System)
#394 duplicate Fix munin on DGU (?) johnbywater johnbywater
Note: See TracQuery for help on using queries.