Skip to Content.
Sympa Menu

grouper-users - RE: [grouper-users] How to define stem navigator privileges

Subject: Grouper Users - Open Discussion List

List archive

RE: [grouper-users] How to define stem navigator privileges


Chronological Thread 
  • From: "Hyzer, Chris" <>
  • To: Olivier Salaün <>, "" <>
  • Subject: RE: [grouper-users] How to define stem navigator privileges
  • Date: Wed, 25 Mar 2020 16:25:12 +0000
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=isc.upenn.edu; dmarc=pass action=none header.from=isc.upenn.edu; dkim=pass header.d=isc.upenn.edu; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=QgpGKCHO2z1QkXO3sWJbeMH0KEs/TSsy3NWsjURFa8c=; b=ldPPEhOhvNfLF5D0Ggjn6EdWdsSSZmep6AMLFzfrOWdo4A44frDrWfDrX9wQ14COJEFrpHQ4t7EMftyyKD+F392kdKMRpud8fEIgb47D9gaZYflY7QbRGSfezJo/5hCPOkcK2NmKzJYE+lJyx3/VLpe7//YJqdqMV+GK0ioR7RlE/Ug+ziS7blESpDq138kHh/J8VyaXtZDAA+1qNBBmznZ+n/InSDMUwkGTEwKnf53kpeMd4QSEX4otwyYXX578GKTz9fLbtL17HGLfLbj+gx8xOv8q/vZg9wqSvkU4iSpifVrQS+DotGyiPUoCFmeehJFwcg3ldkIrM/LeXs5s+A==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=PjQxw0r4vaCDwTECKk/Wvxlvg1Dh/hfYMtO/5Yrejn5IqTxfQejUeN+YkEgUDCVhsmPQ6d4cphnBDuoHUzCJ1EQt+4vADaxRY53hjzfmpX3olQZOTZUkKYDSCzC5XetQ87k4RBux7hMI5Pt+YSJmjPe7U5wiwV8VtlwFgoz4/WXSBeJ9yk9zOrRlrQQBP174OjY6zEwaH5RJ10egoHY1YxEAv2pBWg3yhlRMtbkBmwM/IlfmhsCiourjBzuGx6QzCH57P2/qVL7Bx4RDJVzRCJg5eSgAKoLilo6k4mJyVfbOF9dj4HhWk1iS4zDwGE+ql/X70z7xQjcX4WBFisxYGQ==

In the grouper.properties set this:

 

security.show.folders.where.user.can.see.subobjects = false

 

and see if it does what you want.

 

Note, users will be able to see folders but not groups…    you want all users to be able to see all groups but not members?  Maybe make a group of people who can see everyone (add all your active people in there or from reference group), and assign an inherited priv on the root folder that says that group can VIEW all groups and attributes.  Then your active people can see things exist.  Note, I don’t really recommend using EveryEntity since you cant restrict that in future and it might not be what you really want.

 

Thanks

 

 

From: On Behalf Of Olivier Salaün
Sent: Wednesday, March 25, 2020 11:49 AM
To:
Subject: [grouper-users] How to define stem navigator privileges

 

After an upgrade from Grouper 2.2.2 => 2.4.0 we noticed a difference regarding stem navigation in th GUI.

With Grouper 2.2.2 any logged in user could navigate through the stems/groups. However he could not view group members, unless he was member of the group listed in groups.wheel.readonly.group properties. This behavior was suiteable for us.

With Grouper 2.4.0 (with parameters from 2.2.2 maintained) any logged in user can no more navigate through the stems/groups. Here is what he sees :

 

I went through the wiki, changelog and grouper-ui-ng.base.properties properties, but could not find a way to change this behavior.

Is this a known change from 2.2.2 to 2.4.0?

Is there a property to customize this behavior?

 

Thanks you

-- 
Olivier Salaün
DSI / pôle SI / équipe SNUM
Tel : 02 23 23 74 54



Archive powered by MHonArc 2.6.19.

Top of Page