comanage-dev - Re: [comanage-dev] scenarios for video #2
Subject: COmanage Developers List
List archive
- From: Scotty Logan <>
- To: Ken Klingenstein <>
- Cc:
- Subject: Re: [comanage-dev] scenarios for video #2
- Date: Thu, 28 Aug 2008 14:57:54 -0700
On Aug 22, 2008, at 5:11 PM, Ken Klingenstein wrote:
1. collabmin adds user from alphabets global to a particular subgroup, removes another. voiceover talks about the permissions so granted, removed (e.g. this user can now access the subgroup wiki, will be on the committee email list, can access new parts of the cvs)
<pedantic>we should be careful about maintaining the distinction between group membership and permissions / entitlements</pendantic>
2. collabmin allows users from one subcommittee permission to read but not write on another groups wiki space. (pointing out it can be done either at the comanage or the wiki layer, and pros/cons). do we want to show that we can expire this permission automatically at a certain date? (can we?)
None of the tools we're deploying support external permissions. Of the wikis I've seen, Confluence seems to have the best grasp of permissions management, but it's still internal. The collabmin can create groups and add members to them in Grouper, but to use those groups they have to go into Confluence and grant permissions on spaces to those groups.
Other than Atlassian doing the right thing and supporting external permissions, we'd need to write a provisioning connector that uses the Confluence SOAP API to populate permissions on spaces. Dynamic LDAP groups based on permissions / entitlements might also be worth investigating.
3. collabmin grants TA's (already in alphabets global dir and in a group labelled...) of one member of alphabets some standard (i.e. preexisting group) special permissions - (e.g adding students to student lists, and to a yet-to-be-written app that connects to the admin role of the student lab card access system, etc.). maybe too complex to describe, but if it is a simple group inclusion in another group to execute, it shows well.
Could this be simplified to showing nested groups and delegated group management? There are no permissions in COmanage yet.
Scotty
--
Scotty Logan
- Logos online, Scotty Logan, 08/22/2008
- scenarios for video #2, Ken Klingenstein, 08/22/2008
- Re: [comanage-dev] scenarios for video #2, Digant C Kasundra, 08/27/2008
- Re: [comanage-dev] scenarios for video #2, Scotty Logan, 08/28/2008
- Re: [comanage-dev] scenarios for video #2, Michael R. Gettes, 08/28/2008
- scenarios for video #2, Ken Klingenstein, 08/22/2008
Archive powered by MHonArc 2.6.16.