Skip to Content.
Sympa Menu

grouper-dev - [grouper-dev] Grouper 2.3 UI ( vary recent patch Post 44)

Subject: Grouper Developers Forum

List archive

[grouper-dev] Grouper 2.3 UI ( vary recent patch Post 44)


Chronological Thread 
  • From: "Black, Carey M." <>
  • To: "" <>
  • Subject: [grouper-dev] Grouper 2.3 UI ( vary recent patch Post 44)
  • Date: Wed, 1 Aug 2018 21:26:55 +0000
  • Accept-language: en-US
  • Authentication-results: spf=pass (sender IP is 128.146.138.9) smtp.mailfrom=osu.edu; internet2.edu; dkim=pass (signature was verified) header.d=osu.edu;internet2.edu; dmarc=pass action=none header.from=osu.edu;
  • Authentication-results-original: spf=none (sender IP is ) ;
  • Ironport-phdr: 9a23:IFwIMxFSpVvW+pc5jJ93U51GYnF86YWxBRYc798ds5kLTJ7ypsuwAkXT6L1XgUPTWs2DsrQY07SQ6/iocFdDyK7JiGoFfp1IWk1NouQttCtkPvS4D1bmJuXhdS0wEZcKflZk+3amLRodQ56mNBXdrXKo8DEdBAj0OxZrKeTpAI7SiNm82/yv95HJbAhEmDuwbaluIBmqsA7cqtQYjYx+J6gr1xDHuGFIe+NYxWNpIVKcgRPx7dqu8ZBg7ipdpesv+9ZPXqvmcas4S6dYDCk9PGAu+MLrrxjDQhCR6XYaT24bjwBHAwnB7BH9Q5fxri73vfdz1SWGIcH7S60/VDK/5KlpVRDokj8KOT4n/m/Klsx+gqFVoBO9qBJwzIHZe52VNONicq/BYd8WWXRNU8BMXCJBGIO8aI4PAvIPMetFq4nyvUcBrRimCQKxGu7g0CVIiWH23KYn1OotCw/K1xEnEt0VtHTbtsn6NKQIXeyo0qXFwy7Ob/RN2Tfg8oTHbA0uoeyVUL92bMHfylEvGhvbglqKtYDpIjaY2vkQv2SG6udgW+2ih3I7pwx0rDig2Mghh4jMi48QyF3I6yt5zJ4rKdC3UkJ3f8KoHZhKuy2EKYd7TNkuT3xqtSs50rEGt4C0cSsWxJkiwhPSb/OKfoqV7h/mUOudPCl3iXFgdb+9mRq+7Uqtx+jiWsS1zFlGsCxImcTWuH8XzRzc8M2HR+N9/ki/3TaP0Bje5PlYLE4ziabXNYctz6M2mJYNqEjDGTT5l1vsgK+Ra0Uk5vOn6+P6YrXgu5CQLZd0ihv5MqQyhMOwHfg4MgkJX2id4+i806Dj/VH9QLVNif02kbPVv4zdJcQevqK5AglV3Zg/6xunETupysgUkWQCIV5YZR6Lko3kO1/BLfzkEfuyhlqsnylkyv3HO7DsB5fAImbNkLv5eLZy8U9cyA49zdBF4JJUD6kML+n3WkDrqNPYDQU1PxGqz+vpE9h90ZgeWX+VDqCHLazSrEeE5vgzLOmUeI8VpDH9JuAq5/70in85hEcdcrez3ZcOdX+3AOpmLl6dYXrtmdcBDXwKshQkQOzrjl2CTSBcZ2y0X60i+jE3FpiqApneSYCw0/S923LxEYdRe3hLEBWAHGnAdoOYVu0KZT7IZMJtj3ZMAbe7TJI52AvruALk47thMufO/CAE79Tu2MUjtMPJkhRnvxZwBs+elymmRnt5jystAXV+iKp7qEd+jA7ZioB/mOEeGNBOsaAaGjwmPILRmrQpQ+v5XRjMK4/TEgSvX8mmDDctT9k4394JZQNnFs6/igzYhnvyUaQNmemTDYcvuuLH0n79Ktw16k6O1bJp1gN2BJITayv/3f45pkm2ZcbSllmB0aOjdKASxinIoWCY0CyDsFwLGA92TajfW30DPA3bocmqrk/BTrr7Eb08KUMB0s+NLKJWd8fkxUpPX7/9Nc7fbWO8lybVZ16Iy7qAYZCsdzAaxzibBUQZwAEV4XucMwUiXGGsr3+NRDBrHEjkNlvl6vI2oXinT0gymgeNaUAp17e89hMPw/KGTPZG2akZ/iottmZ5
  • Spamdiagnosticmetadata: NSPM
  • Spamdiagnosticoutput: 1:99
Recently I stumbled into a config setting in grouper-ui.properties.

These settings appear to control who can see the "More" tab (or at least an
option on that menu) on the UI.

uiV2.privilegeInheritanceDoesntRequireRulesPrivileges = true
uiV2.privilegeInheritanceUpdateRequireAdmin = false
uiV2.privilegeInheritanceReadRequireAdmin = false
uiV2.privilegeInheritanceUpdateRequireGroup = etc:wheel
uiV2.privilegeInheritanceReadRequireGroup = etc:wheel

I actually think I have that set wrong... I do think Admin of the folder"
should be able to set inherited permissions. Which is how I stumbled into it.
:)

Then another thought occurred to me:
Does the new "More actions" (upper right corner of a folder/group)
--> "Attribute assignments" options governed by the same settings?


The reason I as is that the "Privileges inherited to objects in folder"
settings are implemented as "Rules" and looks like the details are expressed
as attributes on the folder.
So I am wondering if the "Attribute assignments" UI is "leaking" data that
is protected under the "More" tab?

I guess it might be possible that I can only see the attributes that I have
permission to see too....
I have not tested this question at all. I thought a quick question/answer
would be faster.

--
Carey Matthew




  • [grouper-dev] Grouper 2.3 UI ( vary recent patch Post 44), Black, Carey M., 08/01/2018

Archive powered by MHonArc 2.6.19.

Top of Page