Forum OpenACS Development: Re: Exposing all of OpenACS/]po[ via REST

Collapse
Posted by Frank Bergmann on
Hi Dave,

Sorry, you are right, you found a dependency on the ]po[ "intranet-core" package. However, there are not many of them, and they are very basic and not at the core of the REST interface. The dependencies are mostly permission checks that allow a ]po[ admin to configure user permissions to the various object types:

- im_valid_auto_login_p: Just create a stub that returns "1". For details please check intranet-core/tc/intranet-defs-procs.tcl, the procedure tests if a "auto-login token" is a valid hash of the user's password...

- im_security_alert_check_integer: Just create a stub that does nothing. The procedure performs a security check if the argument is an integer or a list of integers.

- im_header, im_footer and im_navbar: Please replace with ad_header and ad_footer or similar...

- im_object_permission: Please create a stub returning 1.

- im_permission: Please create a stub returning 1.

- im_url_with_query: Replace with "[ad_conn url]?[ad_conn form]" or similar

- im_is_user_site_wide_or_intranet_admin: Please create a stub returning 1.

- The package references a few ]po[ object types and branches into custom treatment for these types (im_categories and im_invoice_items). You can just remove these.

- The /www/index.tcl file references im_object_permission_p, which you can replace by a stub returning 1

- The intranet-rest-create.sql file will try to update a few metadata fields in acs_object_types which are extensions for ]po[, you can safely ignore them. You can also ignore any issue related to the fields im_rest_object_type.object_type_status_id and object_type_type_id and its catagories. These fields are not used, you should remove the not null and the RI constraints from the database table definition.

Cheers!
Frank

Collapse
Posted by Dave Bauer on
Hi Frank,

I am interested in the implementation of permissions. Can I just examine the intranet core package itself to learn more how these work?

I have been disucssing a similar implementation to enable REST style calls for Ajax enabled user interfaces so this is very useful work.

Thanks
Dave

Collapse
Posted by Frank Bergmann on
Hi Dave,

> I am interested in the implementation of permissions

Then I would recommend you to download the file project-open-Update-3.4.0.8.0b.tgz from https://sourceforge.net/projects/project-open/files/, remove all duplicate packages and install the intranet-* packages. That should just work on top of a standard OpenACS 5.3 or 5.4 installation, at least we've successfully tested it a year ago.

Or just download one of the ]po[ installers from that Web site and install intranet-rest.

In about an hour I'll be available on Skype:frankxbergmann if you need help. I'd be happy to explain you about ]po[ "application permissions", which are based on the OpenACS permission system, but which contain application specific business logic.

Cheers!
Frank