25 Oct
2010
25 Oct
'10
11:32 p.m.
Hi!
Sergiu Dumitriu wrote:
I see now how hard is to figure out a text that could be useful for the
whole XWiki community. For us, here, some think like this...
"Log-in... to recover access to Space.Document and other documents with
restricted access"
Being Space.Document the current document when the user logged out. The
length of the document Space and Name could be a problem to accommodate
the string in the space available... Something like this...
http://ebiotic.net/bin/download/ICT/CustomizedLogin/loginXWikimod.png
I can of course customized our own login.vm. This work is on its way.
Well... impressive. I've slightly followed this thread as I was not
actively following XWiki development last June. I must apologize about
that. As stated by several contributors, rights management are not an
easy thing, even less when inheritance is involved. I've been struggling
to understand the proposal and I think I get it. And I do like at the
extend I am able to understand the background of rights management in XWiki.
But the "problem" for me here, right now, is to find an easy way, as
easy as possible, to show an user, probably an user that doesn't matter
at all about XWiki interiors, what other users/groups can do what with a
given document. Namely, who can read and/or edit a document.
The use case is simple: given a document containing some contents set to
private, an user, an also an administrator, feel her/himself more
confortable if she/he can see, let's see, in a tab in the same row where
comments, attachments, history and information, or even within the
information tab itself, what other users can read and/or edit the
current document.
Users who what to customized this access policy, whatever regular users
or administrators, must deal with the new rights management interface.
In the current state of development, as for XE/XEM 2.4.1, to see, out of
the box, what users can read/edit a given document, the user must set
his/her user type as advanced, go to the document, edit > access rights,
browse through users and groups to see what rights are set. I know that
in many other systems is not simpler than this, but my concern here is
to transform XWiki in "the system".
So, yes, I mean a kind of read-only version of the rights editor,
listing only the entries with some rights set.
Thanks for your time,
Ricardo
--
Ricardo RodrÃguez
CTO
eBioTIC.
Life Sciences, Data Modeling and Information Management Systems
On 10/19/2010 08:30 PM, [Ricardo Rodriguez] eBioTIC.
wrote:
A lightbox will be nice. What I would like to avoid is that an users
that "decide" to log in, is moved to a different page to perform that
action. A lightbox will allow him/her to "see" the page from where
he/she hits login and, at the same time, username and password fields
and recover username and password links are not visible in the browser
"desktop". I do like this option. Thanks.
Hi,
I would like to share with you three proposals about XE/XEM. I've not a
clear idea about the cost in terms of "programming effort", but I would
like to know if you consider them suitable.
1. In a XE/XEM default installation I think it would be better to
include the username/password fields and the links "Forgot your username
or password?"utilities in the headerglobal area. That way, users will
not be redirected to a different page and can easily see changes in
their current one (the one from where they are logging) once they are
authenticated.
This can be done if you change your skin. For example, this is what
Curriki does: http://curriki.org/
I don't like this for the default, but I'd like the login to be done in
a lightbox sometime soon (2.7?).
2. On log out, if the user has not access to
his/her current page, it
will be informed with a message. Currently you "only" get redirected to
the log in page. Users with concerns about who access contents they have
created or are responsible of, will be happier with this information
message.
Can you provide a draft text?
3. To show in the Information tab or in an /ad
hoc/ tab adding some
administrative capabilities (granting/revoking access rights, for
instance) what users/groups have what rights on the current document.
You mean a kind of read-only version of the rights editor, listing only
the entries with some rights set? I don't find it that useful right now.
Could you look at
http://incubator.myxwiki.org/xwiki/bin/Improvements/Rights ?
All these
three proposals/ideas are mostly oriented to the use of XWiki
based information systems developed for groups with requirements about
access control and access monitoring. Nothing weird in industrial
environments, nor in biomedical ones.