Forum OpenACS Development: Permisions problem and request for feature
I am been doing some permissions lately. For example I have this kind of site
main site --sub site 1 -- file-storage -- ticket-tracker -- bboard --sub site 2 -- file-storage -- ticket-tracker -- bboard --sub site X -- file-storage -- ticket-tracker -- bboard
It I want to restrict the access to sub site 1 to X. I then remove the inherit from Main site in permissions. Then grant it to a particular group. The problem is file-storage, ticket-tracker, bboard are not children of sub site 1 but Main site. I then have to do the same steps on what I did to sub site 1, remove inheritance and grant inheritance. I have X amount of subsites and it would be hard to go through each file-storage, ttracker and bboard.
Is this really the behavior that we want in the permissions? May be it should inherit the parent node not the root node? As a quick hack is there something like pointing a parent object_id to inherit too? So I will just to the point each file-storage, tticket, bboard to its respective sub site.
I agree, I'd expect file-storage to inherit from its respective subsite.
You can do it straight n psql/sqlplus, right? "update acs_objects set context_id = ... where object_id = ...". But wait, that breaks the "cache" table. But maybe there's a way to flush that. Don't know.
It would be nice to build into the site map interface the ability to pick what node to inherit from. Sometimes it's better to use the node above you instead of the subsite you are in.
I have placed the new feature in the SDM. Its my first post to the SDM. Kinda weird because I have done mostly direct email to the module maintainers. I promise to use the SDM more.
I have already tried your suggestion once before posting this question. Its did not work for me. So posted this question. Anyway if your suggestion does work please tell us. Thanks.