Grouper Users - Open Discussion List

[Dirk Kastens <>]

Hi again,

it seems, that the hook only works with ADMIN privileges. I created the 
root stem "uos" and tried to add a group. Group "g1" has been created as 
GrouperSysAdmin - this works. Group "g2" has been created as user 
"dkastens":

-------------------
gsh 0% grantPriv("uos", "dkastens", NamingPrivilege.STEM)
true
gsh 1% grantPriv("uos", "dkastens", NamingPrivilege.CREATE)
true
gsh 2% addGroup("uos", "g1", "Group 1")
group: name='uos:g1' displayName='Uni Osnabrueck:Group 1' 
uuid='4c5be8e01c5f42c8a06af6bd5b404529'
gsh 3% subj = findSubject("dkastens")
subject: id='dkastens' type='person' source='uosldap' name='Dirk Kastens'
gsh 4% sess = GrouperSession.start(subj)
edu.internet2.middleware.grouper.GrouperSession: 
3346e568089b4c189c682c9f6dbb3f3e,'dkastens','person'
gsh 5% addGroup("uos", "g2", "Group 2")
// Error: unable to evaluate command: Sourced file: inline evaluation 
of: ``addGroup("uos", "g2", "Group 2");'' : Error invoking compiled 
command: : Error in compiled command: java.lang.RuntimeException: 
subject cannot ADMIN,
Problem in HibernateSession: HibernateSession: isNew: false, isReadonly: 
false, grouperTransactionType: READ_WRITE_NEW,
Hook GroupAddUosHook.groupPostInsert id: QKII325A,
Problem in HibernateSession: HibernateSession: isNew: false, isReadonly: 
false, grouperTransactionType: READ_WRITE_NEW,
Problem in HibernateSession: HibernateSession: isNew: true, isReadonly: 
false, grouperTransactionType: READ_WRITE_NEW
gsh 6% groupGetTypes("uos:g1")
type: 'posixGroup'
type: 'base'
gsh 7% groupGetTypes("uos:g2")
gsh 8%
---------------

What does the error "subject cannot ADMIN" mean? Group "g2" has been 
created but it doesn't have any types. So the hook doesn't seem to work 
without admin rights. Can this be changed or do I miss something?

Thanks,
Dirk

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature