Subject: Grouper Developers Forum
- From: "GW Brown, Information Systems and Computing" <>
- To: Tom Barton <>, Joy Veronneau <>
- Cc: , Grouper Users <>
- Subject: Re: [grouper-dev] another use case
- Date: Tue, 25 Jul 2006 16:43:19 +0100
--On 25 July 2006 09:03 -0500 Tom Barton
I've indicated how you can deploy grouper to meet your need, but I canIf the capability is required, it may be possible to customise the UI to achieve it. One way would be to:
imagine it might be difficult to operate this way if there are many
different group managers using restricted groups - there's no guarantee
that they'll all follow the conventions above. Do you think that'll be
your circumstance, and that you'd really need some capability to
"override" the privilege assignments made by those with group management
1) Write and configure a Servlet filter, which acts after the LoginCheckFilter, and which replaces the default GrouperSession instance with one for GrouperSystem - assuming some authorisation test is passed i.e. membership of the helpdesk group.
2) Override any 'write' action in Struts-config.xml, with an action which says 'This function is not available'.
This would allow the user to browse any stems/groups. Using the Subject Search tab would allow them to check memberships / privileges for any subject.
The advantage of this approach is that it can be achieved without modifying the UI source. The disadvantage is that links would still be provided for 'write' operations. However, it would only take a little effort to 'enhance' the UI so that it would behave as if the user only had read privilege, but for every group.
GW Brown, Information Systems and Computing
- another use case, Joy Veronneau, 07/25/2006
Archive powered by MHonArc 2.6.16.