http://localhost/ticket/321 <p> When CKAN is included in a Drupal front-end, CKAN edit pages are used in a slave-mode, such that authentication is delegated to the Drupal front-end user model. </p> <p> The Drupal front-end shall have: </p> <ol><li>Login page - fixed location, can authenticate users, on successful authentication sets auth cookie and redirects to HTTP_REFERER. </li></ol><ol start="2"><li>Access control resource - fixed location, can authorise users, on receipt of valid auth cookie return message listing account details and permitted actions. </li></ol><ol start="3"><li>Access denied page - fixed location, static resource, gently </li></ol><p> indicates what has happened, and how to ask for permission. </p> <p> The CKAN slave edit page shall: </p> <ol><li>Try to detect a Drupal session key (passed as cookie or as request param). </li></ol><ol start="2"><li>Redirect to Drupal login page if no session key. </li></ol><ol start="3"><li>Check authorisation if session key is found. </li></ol><ol start="4"><li>Redirect to access denied page if session key not authorised. </li></ol><ol start="5"><li>Present the Package edit page. </li></ol><ol start="6"><li>Reject unauthenticated or unauthorised edit submissions. </li></ol><ol start="7"><li>Snag invalid edit submissions from authenticated and authorised users. </li></ol><ol start="8"><li>Respond to valid edit submissions from authenticated and authorised users, by saving the new package state, and redirecting to Package read page in Drupal front-end. </li></ol> en-us http://assets.okfn.org/p/ckan/img/ckan_logo_shortname.png http://localhost/ticket/321 Trac 0.12.3 johnbywater Mon, 24 May 2010 12:54:19 GMT http://localhost/ticket/321#comment:1 http://localhost/ticket/321#comment:1 <ul> <li><strong>description</strong> modified (<a href="/ticket/321?action=diff&amp;version=1">diff</a>) </li> </ul> Ticket rgrp Tue, 27 Jul 2010 21:38:30 GMT http://localhost/ticket/321#comment:2 http://localhost/ticket/321#comment:2 <ul> <li><strong>milestone</strong> <em>v1.1</em> deleted </li> </ul> Ticket anonymous Tue, 23 Nov 2010 10:02:47 GMT http://localhost/ticket/321#comment:3 http://localhost/ticket/321#comment:3 <ul> <li><strong>owner</strong> changed from <em>johnbywater</em> to <em>thejimmyg</em> </li> </ul> Ticket anonymous Wed, 08 Dec 2010 18:03:19 GMT http://localhost/ticket/321#comment:4 http://localhost/ticket/321#comment:4 <ul> <li><strong>status</strong> changed from <em>new</em> to <em>closed</em> </li> <li><strong>resolution</strong> set to <em>duplicate</em> </li> </ul> <p> This has now been superseded with this proposal: <a class="closed ticket" href="http://localhost/ticket/787" title="task: Auth API (closed: fixed)">#787</a> </p> Ticket