Skip to Content.
Sympa Menu

grouper-users - RE: [grouper-users] default membership privileges for new members, setting default browser view and removing quick links

Subject: Grouper Users - Open Discussion List

List archive

RE: [grouper-users] default membership privileges for new members, setting default browser view and removing quick links


Chronological Thread 
  • From: Chris Hyzer <>
  • To: Jeff McCullough <>
  • Cc: "" <>
  • Subject: RE: [grouper-users] default membership privileges for new members, setting default browser view and removing quick links
  • Date: Thu, 5 Feb 2015 18:56:24 +0000
  • Accept-language: en-US

first of all, you wouldnt need a rule on each group, you just need to assign the group as a reader of itself.  However, using EL I was able to craft a rule to do this for all groups in a folder (on group create, assign the group to be a reader of itself, which means all members of the group can read the group).

The only thing you need to change is the folder name below.  Let me know how it goes :)

 

btw, this only assigns the priv is the group doesnt already have the priv, so if you have GrouperAll having READ/VEW on groups in your grouper config, then it wont work (and you wouldnt even need this rule!)  :)

 

Thanks,

Chris

 

grouperSession = GrouperSession.startRootSession();

folder = StemFinder.findByName(grouperSession, "testFolder");

AttributeAssign attributeAssign = folder.getAttributeDelegate().addAttribute(RuleUtils.ruleAttributeDefName()).getAttributeAssign();

AttributeValueDelegate attributeValueDelegate = attributeAssign.getAttributeValueDelegate();

attributeValueDelegate.assignValue(RuleUtils.ruleActAsSubjectSourceIdName(), "g:isa");

attributeValueDelegate.assignValue(RuleUtils.ruleActAsSubjectIdName(), "GrouperSystem");

attributeValueDelegate.assignValue(RuleUtils.ruleCheckTypeName(), RuleCheckType.groupCreate.name());

attributeValueDelegate.assignValue(RuleUtils.ruleCheckStemScopeName(), Stem.Scope.SUB.name());

attributeValueDelegate.assignValue(RuleUtils.ruleThenElName(),"${ruleElUtils.assignGroupPrivilege(groupId, 'g:gsa', groupId, null, 'read')}");

 

 

 

From: Jeff McCullough [mailto:]
Sent: Wednesday, February 04, 2015 7:03 PM
To: Chris Hyzer
Cc:
Subject: Re: [grouper-users] default membership privileges for new members, setting default browser view and removing quick links

 

The alternate I guess is creating a rule per group after the groups are created. Let’s say there are multiple thousands of groups, will there be an issue with having that many rules? If the group is deleted the other issue is that the rule no longer applies. Is there an issue there?

 

Jeff

 

On Feb 2, 2015, at 11:32 PM, Jeff McCullough <> wrote:

 

Interesting idea. The groups in question will all be in one folder. I can see how to use the method for groups that exist. Is it possible to do this on groups that have yet to be created given the view/read group needs to be specified when creating the rule in the inheritGroupPrivileges method?

 

Thanks,

Jeff

 

On Feb 2, 2015, at 8:30 PM, Chris Hyzer <> wrote:

 

 

> 1) I'd like to be able to change the default membership privileges

> that are presented when adding a new member of a group. The current

> default is simply “member”. We might like the default to add “view”

> and “read” for the members that are being added. There are the

 

> privileges that are set for the GrouperAll (groups.create.grant.all.*)

> when a group is created, but the case I’m interested in is just for

> members of the group not anyone on the system. I don’t see any

> properties in the properties files, but wonder if maybe a rule would work?

 

Do you want this for all groups, or just certain groups?  If it is just certain groups, where you want all members to be able to view/read the group, can you just make the group a reader of itself (which implies view)?

 

 

> 

> 2) I’d like the default browser view to be different than the root

> view. The property default.browse.stem=edu:berkeley works fine in

> the Admin UI, but the new UI “Browse Folders”  view on the main page

> doesn’t change. Is there a separate property for that? Given it is a

> tree view, the desired behavior would be to at least open the view to

> the default browse stem.

 

I added a jira for that. 

 

 

 

> 

> 3) The quick links menu is great, but I don’t want to display the links

> for the Admin UI and Lite UI. I see properties for display relating to

> the older UIs, but not for the new UI. It looks like I just need to

> remove the links from the JSP. Is that correct?

> 

 

I added a jira for that.  And in the meantime, just edit that JSP

 

 

Thanks,

Chris

 

 


Archive powered by MHonArc 2.6.16.

Top of Page