Grouper Users - Open Discussion List

[Tom Barton <>]

I think it would be best to first explore such contextual extensions to 
basic groups in purpose-built clients. For example, a special 
course-management related UI could hide the internal details of how the 
various types of students (ad hoc, inactive, etc) are handled in Gary's 
use case.

This approach would allow actual actual usage trends to emerge before we 
bake any such into the api, in advance of really knowing what's needed.

But I agree that we should be on the lookup for such patterns as more 
adoption occurs.

Tom

GW Brown, Information Systems and Computing wrote:
> I agree it would be good to hide some of the internals. Having some 
> groups which are never visible except to the Grouper internals might 
> work i.e. always have some additional group methods:
>
> addAdHocMember
> getAdHocMembers/Memberships
>
> excludeMember
> getExcludedMembers/Memberships
>
> + others as required, which manipulate the hidden groups.
>
> We might also be able to use additional membership lists for ad hoc and 
> excluded members. Adding / removing members from these lists would 
> impact the actual membership - however, this may be more invasive and 
> would mean getting to grips with how effective memberships are worked 
> out - possibly having different rules for different types of groups.
>
> In the meantime, for sites who are mostly concerned with provisioning 
> accurate membership lists to LDAP which is where most integration takes 
> place, custom provisioning code could take care of the logic of exporting:
>
> actual membership + ad hoc custom list - excluded list.
>
> Gary
>
> --On 05 March 2008 15:59 -0500 Chris Hyzer 
> <>
>  wrote:
>
> > I think it would be useful to eventually have a higher-level group
> > concept to remove this complexity from users.  5 groups is a bit much to
> > have to deal with for this use case.  Granted grouper can still store the
> > data in the same way it does now, but the user doesn't need to know.  Not
> > sure if this is feasible.
> >
> > Regards,
> > Chris
> >
> > > -----Original Message-----
> > > From: GW Brown, Information Systems and Computing
> > > [mailto:]
> > > Sent: Tuesday, March 04, 2008 10:36 AM
> > > To: Bert Bee-Lindgren; Grouper Users
> > > Subject: Re: [grouper-users] Cascading into and out of groups and
> > > signet
> > >
> > > The approach I'm taking to incomplete data from source systems e.g.
> > > student
> > > systems is to set up the following groups:
> > >
> > > Registered students for X
> > > Ad hoc students for X
> > >
> > > All students for X -> has above two groups as members
> > >
> > > Inactive students for X
> > >
> > > and finally:
> > >
> > > Students for X -> All students for X <complement> Inactive students for
> > > X
> > >
> > > which is the group I would use for granting privileges.
> > >
> > > Currently I place all but the last group under another stem to reduce
> > > clutter.
> > >
> > > If you don't need to cater for people who need removing it is simpler -
> > > fewer groups.
> > >
> > > Gary
>
>
>
> ----------------------
> GW Brown, Information Systems and Computing
begin:vcard
fn:Tom Barton
n:Barton;Tom
org:University of Chicago;Networking Services & Information Technology
adr;dom:1155 E. 60th St.;;Rm 309, 1155 Bldg;Chicago;IL;60637
email;internet:
title:Sr. Director - Integration
tel;work:+1 773 834 1700
version:2.1
end:vcard