Forum .LRN Q&A: Response to new user creation

Collapse
Posted by Jim Lynch on
I ran into this too...

say you take the following steps... (Note: DUE CAUTION. Don't do this on a non-experimental server!! READ FIRST. OK, warning over :)

Actually, don't -do- this; I just meant it as a scenario; follow in your mind, recalling how you installed your dotlrn.

  • drop the database for your service
  • create a new one of the same name
  • go thru all the steps to install openacs, including:
    • visit the new site url, which offers to install the kernel
    • push the "install kernel" button; it then does so
    • it then offers to install the core packages; push that button too; when it's done, there will be a Next button at the bottom; push it, then
    • create the initial user, which is the site's first and (so far) only admin
    • restart the server
  • when it comes back, log in as the user you just created
  • go to the package manager, install all remaining packages
  • restart the server (this restart may be unnecessary; not sure)
  • create mount points for dotlrn, notifications, attachments
  • create the new applications for the above mount points
  • restart the server
  • log in as the admin user
At this point, you have dotlrn installed, and you're logged in as the admin user, assuming things went as in the above outline.

If you visit dotlrn now, you will generate a "request-for-admin_user-to-approve(admin_user)". In english: you, who are the site-wide admin, visited /dotlrn, which is so tightly controlled it won't even let you in, until you let you in.

Hence, you get the "Pending(1)" under /dotlrn/admin/users, and everything else (0), and when you go to the link, you will find it is you yourself, and can open the door for yourself.

Once you do, then your admin user is now also a dotlrn user, which (s)he wasn't before.

That's how it works...

I'm wondering if it'd be possible for the security to be loosened to "open" dotlrn join policy, by way of an appropriate UI?