Skip to Content.
Sympa Menu

grouper-users - RE: [grouper-users] Grouper 2.2.2 Privilege Inheritance

Subject: Grouper Users - Open Discussion List

List archive

RE: [grouper-users] Grouper 2.2.2 Privilege Inheritance


Chronological Thread 
  • From: BROWN Hugh <>
  • To: "'Shilen Patel'" <>, "" <>
  • Subject: RE: [grouper-users] Grouper 2.2.2 Privilege Inheritance
  • Date: Fri, 25 Mar 2016 12:40:31 +0000
  • Accept-language: en-GB, en-US
  • Authentication-results: duke.edu; dkim=none (message not signed) header.d=none;duke.edu; dmarc=none action=none header.from=ed.ac.uk;
  • Spamdiagnosticmetadata: NSPM
  • Spamdiagnosticoutput: 1:23

Thanks Shilen,

 

That’s great. I had hoped that privilege inheritance might be possible via the UI, but we can add this as a scripted step in the devolved folder setup process.

 

Thanks again,

Hugh

 

From: Shilen Patel [mailto:]
Sent: 25 March 2016 11:55
To: BROWN Hugh <>;
Subject: Re: [grouper-users] Grouper 2.2.2 Privilege Inheritance

 

You can use grouper rules:

 

 

In particular:

 

 

Thanks!

 

- Shilen

 

On 3/25/16, 6:22 AM, "Hugh Brown" <> wrote:

 

I submitted this query earlier, but realised that I hadn't yet subscribed to

the mailing list, so apologies if this has created a duplicate.

 

We are using Grouper 2.2.2 having upgraded to version  To date all access has

been programmatic using GrouperSysAdmin access, but we now wish to allow

devolved user groups to manage their owner folders/groups via the Grouper UI

and to make use of existing enterprise group memberships.

 

I assigned the custom users group Attribute read attribute privilege to the

parent folder of the enterprise groups, but found that this does not provide

read access to any child folders/groups. At first I thought that this might

only affect existing groups, in which case I could assign permissions via

grouper shell. However, I also found that read privilege is not even inherited

by new folders or groups.

 

I did find that the custom users group does have read access to all groups

created in Grouper 1.5. This appears to be because these groups have Group

read privilege assigned to "EveryEntity", which I understand was no longer

default in Grouper 2.

 

Can you advise on how to assign a group read access to a folder via the UI

such that read access is inherited by all child folders/groups?

 

Thank you,

Hugh Brown

 

The University of Edinburgh is a charitable body, registered in
Scotland, with registration number SC005336.

Archive powered by MHonArc 2.6.16.

Top of Page