
grouper-users - [grouper-users] discussion topic: default read/view privileges

Subject: Grouper Users - Open Discussion List

  • From: Chris Hyzer <>
  • To: "" <>
  • Subject: [grouper-users] discussion topic: default read/view privileges
  • Date: Sat, 22 Jun 2013 03:36:05 +0000

 

Grouper ships by default with the UI auto-selecting group privileges to be globally viewable and readable (can see the group exists and view its members).

 

groups.create.grant.all.read          = true
groups.create.grant.all.view          = true

 

We have had some discussion at the last dev call to change these defaults so they are false.  Of course, as a deployer, you can change the config setting if you like.

 

My personal opinion is that this aspect of Grouper security should default to off, and if someone wants to make a conscious decision to make a group public that they are creating, they can check the checkbox.  If you deploy with this to true, and change it later once you decide you want more privacy, then it is difficult to change since you don’t know who is using what group (if you remove the public grants, will apps break?).  Well, it's easy to change this default, but it's difficult to remove the grants of existing groups. If all your users of Grouper are in the same department, then I could see why you would just want things public, but once you open it up to end users who do not want everyone to view/read their groups, then I think it should default to off.

 

Jim at UW has his defaulting to true, and likes it that way.  He has publicly viewable/readable groups for all groups that don’t have students in them.  (just curious, is it up to the group creator to realize that set the group to not be public)?  I'm sure he will elaborate on his setup.  Also, if it defaults to true, it makes the quick start more compelling since there are folders/groups to see for all users.

 

TomB suggested a way to have parts of the namespace which default a certain way, and parts which do not.  If that were implemented, hopefully users would not be confused or surprised.

 

Anyways, what are the thoughts?  Should this aspect of Grouper default to help security, or reusability (i.e. it's easier to use/reuse groups if you can see and read them), or a hybrid (pick and choose folders)?

 

Thanks,

Chris



