Uploaded image for project: 'Sakai'
  1. Sakai
  2. SAK-29401

Role-based access to sites

    XMLWordPrintable

    Details

    • Test Plan:
      Hide

      Test both Create New Site (dont create from a template) & Site Info > Manage Access.

      Check that the desired groups appear with check boxes in a section marked "Additional Access" select one or more "role groups" and complete the process.

      Locate a user (non-admin) that is not a site member but is a member of one of the groups. Check that they can access the site, ie, visit the site (but the site wont be in the "Active Sites" list)

      Locate a user (non-admin) that is not a site member and is not a member of one of the groups. Check that they cannot access the site.

      Check that regular site members who are not in the selected role group can access the site as normal.

      Check the permissions helpers for all tools and make sure they have new columns (or equivalent) corresponding to the selected role groups.

      Show
      Test both Create New Site (dont create from a template) & Site Info > Manage Access. Check that the desired groups appear with check boxes in a section marked "Additional Access" select one or more "role groups" and complete the process. Locate a user (non-admin) that is not a site member but is a member of one of the groups. Check that they can access the site, ie, visit the site (but the site wont be in the "Active Sites" list) Locate a user (non-admin) that is not a site member and is not a member of one of the groups. Check that they cannot access the site. Check that regular site members who are not in the selected role group can access the site as normal. Check the permissions helpers for all tools and make sure they have new columns (or equivalent) corresponding to the selected role groups.

      Description

      Implement a new Sakai interface "Role Provider" which can be used to supply new roles (in addition to the default .anon & .auth) that can be used to protect a site.

      The Create site workflow and "Site Info > Manage Access" processes are enhanced with the ability to allow any of the provided roles to access a site.

      Examples of additional roles could be "Staff", "Students", "Senior Members", "Provided Users" (ie, people with SSO accounts at the local institution), and so on

      The Role Provider has a default implementation that can be configured for local deployment

        Gliffy Diagrams

          Attachments

            Issue Links

            is depended on by

            Bug - A problem which impairs or prevents functionality of the product. SAK-29977 SQL script for role based access upgrade.

            • Blocker - Blocks development and/or testing work, production could not run without this feature working correctly.
            • RESOLVED

            (Deprecated) Contributed Patch - We use Github and Pull Requests. We no longer use contributed patches (for the most part. ask for exceptions.) SAK-29603 Remove roles from forums permissions

            • Major - Major loss of function or need for functionality in production in the near future.
            • RESOLVED

            (Deprecated) Contributed Patch - We use Github and Pull Requests. We no longer use contributed patches (for the most part. ask for exceptions.) SAK-29585 Add additional roles permissions to Admin Site Perms tool

            • Major - Major loss of function or need for functionality in production in the near future.
            • CLOSED

            (Deprecated) Contributed Patch - We use Github and Pull Requests. We no longer use contributed patches (for the most part. ask for exceptions.) SAK-29402 Role-based access to Resources

            • Major - Major loss of function or need for functionality in production in the near future.
            • Verified
            is related to

            Bug - A problem which impairs or prevents functionality of the product. SAK-32694 Site maintainers not able to view or edit group permissions in project sites

            • Critical - Crashes, loss of data, severe memory leak, need functionality ASAP in production.
            • OPEN

            Feature Request - Functionality that you would like to see in Sakai. SAK-29008 Feature requests needing merging/consideration for Sakai 11

            • Blocker - Blocks development and/or testing work, production could not run without this feature working correctly.
            • CLOSED
            relates to

            Bug - A problem which impairs or prevents functionality of the product. SAK-38618 Oracle security service busted

            • Blocker - Blocks development and/or testing work, production could not run without this feature working correctly.
            • RESOLVED

            Bug - A problem which impairs or prevents functionality of the product. SAK-29970 Allow roles returned by RoleProvider to be enabled/disabled.

            • Blocker - Blocks development and/or testing work, production could not run without this feature working correctly.
            • Verified
            mentioned in

            Page Loading...

              Activity

                People

                • Assignee:
                  farreri Miguel Pellicer
                  Reporter:
                  adamm Adam Marshall
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  6 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved:

                    Git Source Code