Hello all,
I am very sorry about the delay I caused to the release of XE 1.2.
The new Rights Management interface is almost ready. It includes the following features:
1. Users management
2. Groups management
3. Rights management
The things that I already implemented:
1. For Users management:
- currently in xwiki all the users are displayed all at once in Administration > Users & Groups as a long list of links to the users profile pages; in order to provide a real-time management of the users I used a table interface in which users are displayed dynamically (the users objects are loaded with ajax, as the administrator scrolls down in the table); the nice feature about this is that if the admin scrolls down at the bottom of the table, only the last users (alphabetically taken by the username) will be loaded and so on... the number of users to display at once can be modified ( I am thinking to add this option in Preferences, WDYT? )
- the table currently display 4 columns: username (link to that user profile page) , first name, last name and a management column with 2 buttons (edit and delete)
- also, at the moment, i have implemented dynamic filters (filter as you type) for username, last name, first name (separately or all) and there is a select box with 3 options to dynamically display Local users, Global users (from the main wiki in a multiwiki environement) or Both (maybe this should also be a setting in the preferences? WDYT?)
- I am planning for the future to add a dynamic sorting algorithm to the table (currently users are sorted by default from the api, alphabetically, ascending for all the 3 columns) but this will demand more time to develop
- right now i have implemented the deletion of a user (when the delete button next to an user is pressed, the user's document will be deleted with ajax)
- the edit button (currently half-implemented) will open an ajax lightbox that will display the inline editing of that user's profile and the save will also be done dynamically)
- also, i already made the script to add a new user (register and add it in the table; the table will remain sorted and display the location in it where the user was added) but i have to display a button that will trigger the lightbox; the lightbox will contain the register form for a new user;
- for the global users, the table will provide only a view, without editing and delete buttons (because a global user cannot be deleted or edited from a local wiki)
- also for the future (the velocity code already implemented) I am thinking to add another button next to the user to automatically display, in a nice tooltip, all the groups the user is member of (and with a link to the each group - WDYT?)
2. For Groups management:
- the interface uses a user-like ajax table, with the difference that for groups i display only the groupname (link), the number of members in that group and the manage column;
- the edit button will also open the lightbox and allow to view all the users in that group, paginated with javascript ( i wanted to use the same ajax table to load all the users in the group but currently the api does not allow that, so i have to take all the objects "
XWiki.XWikiGroups" and make a js pagination of the table);
- also, currently a group can contain XWiki.XWikiGroups objects, which have only a field called Member - a user name ( or a usernames list? i am using to add one member at the time); to add a subgroup in a group, the only possible way right now is to add all the users in the subgroup in the group, being careful not to duplicate the users; this is possible because in the editing mode for a group, besides the table that contains all the members of that group, each with a delete button next to it, I have 2 inputs with ajax suggest: one used to add only one user to the group and the other one used to add another group to the current group -> this will be done, as I said, by adding all the users from a group to another (I've spoken with Sergiu and Thomas and I don't know another way to do that right now because there is no difference in a
XWiki.XWikiGroups object to tell which member is a group and which is a user - maybe in the future WDYT?)
3. Rights management:
- the rights management interface is table-based as specified on the Idea (
http://www.xwiki.org/xwiki/bin/view/Design/ImproveRightsManagement); the administrator can select to see the rights for users or groups, local or global or both.
- there is a column with the username/groupname and link to the profile and the columns for rights: view, commend, edit, delete, admin (only at global and space level), programming (global level, only main wiki) , register (only global level).
- in the table there are displayed all the users or groups, taken with ajax, and for each right there is a 3-state checkbox: by default, if the user has no right set for the current level (document, space or global entry) the checkboxes are empty; one click and the respective right is allowed, 2 clicks and the right is deny (is circular);
- there are buttons to save, revert or clear all the rights (removes all the rights entry for that user or group) - all dynamically, all already implemented and working
- what i did not implemented yet is this part:
"Visual understanding of rights inheritance (rights from the upper level replace or not at the current level); The interface should show a column "greyed" if no rights are set for
this column (it means rights are inheritated). We should see the
inheritated rights checked (we need an API to find an inheritated right
since it does not exist now). At the global level we heritate rights
from the default (always authenticate in view, always authenticate in
edit, admins are heritated from global wiki in multiwiki mode or are
not heritated)When you ungrey the column then we can start from the heritated rights.
If you grey again the column no rights should be saved for this column."
I did not implement that because i don't know how to take the inherited rights for a user/group. As for the interface part, this is very simple, i can have a 4-state checkbox, with the greyed state first, but I have to be able to take in velocity the inherited rights. ( I need help to understand how to do that )
- also I have not implemented yet the "optional admin panel can give quick acces to admin actions (global rights, space rights, user management, groups management"
, but i can use the same lightbox with some links for this matter or a xwiki panel (WDYT?)
Currently, for the non-js users the old interface will be enabled. Should I make the old interface reachable no matter if the user has or no js activated? Like an option in the Preferences maybe? WDYT?
So, I would love to show you some screenshots or link but tonight I am afraid it won't be possible. Reasons: I have transferred my work on the laptop I will use at work because I needed to reinstall the system on my personal laptop and I don't have the necessary software to run the project yet (eclipse, maven). Tomorrow morning I will have a server up and running. I also make a first patch tomorrow and put it on Jira. By Monday I will implement the add button, the lightbox display for registering a user and i will make the difference between space admins and global admis (as Sergiu told me, is a matter of a line or two in velocity code in the interface files and Thomas made methods for that in the api); also if it is urgent, the panel with the links to administration.
So, that's all right now. I made a mistake because I should have written more often on the devs and ask for guidance but as I am a begginer and also have a limited time to work, I still have to learn to be part of a community. I am really sorry for the delay I caused. It won't happen again :)
Thanks,
Evelina