grouper-users - [grouper-users] Unexpected behavior with inheritance rules
Subject: Grouper Users - Open Discussion List
List archive
- From: "Waldbieser, Carl" <>
- To: Gouper Users List <>
- Subject: [grouper-users] Unexpected behavior with inheritance rules
- Date: Fri, 23 Sep 2016 16:56:07 -0400 (EDT)
- Ironport-phdr: 9a23:OnUFhB1z1MW8/d5vsmDT+DRfVm0co7zxezQtwd8ZsegXI/ad9pjvdHbS+e9qxAeQG96Eu7QZ0KGP7ujJYi8p39WoiDg6aptCVhsI2409vjcLJ4q7M3D9N+PgdCcgHc5PBxdP9nC/NlVJSo6lPwWB6lX71zMZGw3+OAxpPay1X9eK14Xkn9y1rrLUfh1FnnKAer5oN12SrB7N/p0Zm4x/MqsrjwbSr2FTU+VQ2W5yI1+PxVDx6trmr7B59CEF8c0o88JKUKjhcr58BZdRFjBsezQq7cnnvxjORiOL73UVQ2gKjhcODgTYukKpFqztuzf347IukBKROtf7GPVtAWyv
My goal is to have a folder, "app", that contains a subfolder, "etc" with 2
groups "admins" and "viewers". Members of "admins should be able to create
groups and folders under "app", add/remove members, etc. Members of
"viewers" should only be able to view memberships and privs on groups under
"app".
I am using the `inheritGroupPrivileges` rules for both of the groups on the
"app" stem, as well as the "normalizeInheritedPermissions" rule on the "app"
stem. It seems to work like expect in simple scenarios.
Instead of adding members directly to the "admins" and "viewers" groups, I
added groups to them. For example, my account is in group "foo" and I add
"foo" to "admins".
When I create a new group in "app", "admins" and "viewers" have the proper
permissions, but "foo" is also a *direct* member, which I did not expect.
I'm not sure why it appears, but I suspect it has something to do with how
the "normalizeInheritedPermissions" rule works.
Does anyone have any ideas?
Thanks,
Carl Waldbieser
ITS Systems Programmer
Lafayette College
- [grouper-users] Unexpected behavior with inheritance rules, Waldbieser, Carl, 09/23/2016
- [grouper-users] RE: Unexpected behavior with inheritance rules, Hyzer, Chris, 09/23/2016
Archive powered by MHonArc 2.6.19.