Forum OpenACS Development: Forums upgrade

Collapse
Posted by Malte Sussdorff on
Out of curiosity. Has anyone else stumbled over the fact that "forum_read" permission was changed to "read" but noone bothered to write an upgrade script for forums that sets all "forum_read" permissions to "read"?

Maybe I'm blind, but this is one of the things I stumbled over at the openacs.org upgrade. In previous upgrade sessions this did not matter as the upgrade was already done after the "forum_read" switch.

How did this work at MIT Sloan?

Collapse
2: Re: Forums upgrade (response to 1)
Posted by Malte Sussdorff on
The permission problem is not limited to Forums, it occurs in the member view as well. What I can tell is that the people are still registered as members of the community by .LRN but the permissioning system is unaware of this.

This happened after the upgrade of dotlrn.org from 2.0.3 to 2.1.1 and nothing went wrong during the upgrade using the APM or using the /acs-admin/install way (which is one of the reasons it just appeared now as a problem).

Any idea / clue what might have gotten wrong there ?

Collapse
3: Re: Forums upgrade (response to 1)
Posted by Don Baccus on
Can you look in CVS to see who made the perm change? It's a good idea to collapse permissions but whoever does it MUST write upgrade scripts.

And just changing to "read" alone isn't right, I would hope that whoever did this changed "write" and "admin" and "edit" and "delete" as well.

Collapse
4: Re: Forums upgrade (response to 1)
Posted by Malte Sussdorff on
I detected this error caused by the ACS Kernel Parameter PrivacyControlEnabledP set to 1. Most likely in the 2.0.3 system this had no effect on Forums and Members portlet, but in the meantime someone added this, so that Private Data cannot be read by anyone. If someone could explain me though why forums in a .LRN instance are considered private data, this would be great. The privilege necessary is "read_private_data". I fixed it by setting the Parameter back to 0.

Therefore it seems not to be a forums privilege problem, despite the fact that I still have a lot of forums_read permissions in the system.

Collapse
5: Re: Forums upgrade (response to 1)
Posted by Malte Sussdorff on
Digging into this furhter, .LRN automatically sets the Parameter to "1" on startup. Can someone please explain, why this is done and how an upgrade from a previous version is supposed to set the "read_private_data" privilege ?
Collapse
6: Re: Forums upgrade (response to 1)
Posted by Andrew Grumet on
Hi Malte, regarding the initial post, we basically went through the code, fixed the problems as they occurred, and either applied the fixes back to openacs or reported them.
I do remember fixing this one and reporting it to someone (can't remember who) but it sounds like it fell through the cracks.

Here is the script we used:

update acs_permissions
set privilege = 'read'
where privilege = 'forum_read';

update acs_permissions
set privilege = 'write'
where privilege = 'forum_write';

update acs_permissions
set privilege = 'create'
where privilege = 'forum_create';

Collapse
7: Re: Forums upgrade (response to 1)
Posted by Andrew Grumet on
If someone could explain me though why forums in a .LRN
instance are considered private data, this would be great.

Each forum post shows the name of the author. In the US, the law says that "privacy" means "someone outside the community can't see the names of the people enrolled in a class". The current solution is to restrict Guest visitors from viewing the forums.