Forum OpenACS Q&A: Is this a case for subsites?

Collapse
1: Is this a case for subsites?
Posted by Janine Ohmer on 09/20/06 02:59 AM
I have a client who wants to build two OpenACS sites. They are sort of like Siamese twins. The sites each have their own domain name, and they look different. Some of the data to be stored is confidential, and so groups must be used to control what area of each site each user can access. The two sets of users will have a fairly large intersection, and should have the same group membership in both sites. Users will authenticate against an external Radius server instead of having local logins.

At first glance this looks like a good use of subsites, but the shared data seems like a problem. For example, there will be a lot of text content (probably stored in xowiki) and some of it needs to be viewable from both sites, though one of them can be designated as the only one that gets write access to it. I have not looked closely at subsites yet but this does not sound like how I understood them to work.

Any suggestions as to the best way to approach this?

Thanks in advance!

Collapse
2: Re: Is this a case for subsites? (response to 1)
Posted by Janine Ohmer on 09/22/06 02:47 AM
To expand on this, I have a question about how subsites work. I've been experimenting with them and I'm not sure if I've found a bug or a feature. :)

I made a subsite, then from it's admin pages I made a group type and group. Now when I go to it's Permsissions page, there is a row of check boxes, with no name listed, above the System Administrators line.

I have a second subsite, so I went over to see what it was doing. It also sees the group type and group, but does not have this mystery permission.

I've looked at the code and can see that this is a nameless acs_object, but have not yet figured out how it came to be or why it has no name. My group and group types are both named.

This code was checked out on the oacs-5-2 tag a couple of days ago, so it doesn't correspond to any release.

Any suggestions? Do I need to go back to the 5.2 tarball?

Collapse
3: Re: Is this a case for subsites? (response to 2)
Posted by Janine Ohmer on 09/22/06 05:34 AM
I figured out the problem, but not how to fix it.

In acs-subsite/www/admin/groups/new.tcl, the name of the new group is collected from the user in groups.group_name. This value ends up stored in acs_object through some form builder mojo in groups::new (acs-subsite/tcl/group-procs.tc) that I don't fully understand. After that it gets run through convert_to_i18n, but the same mojo does not happen there, and I can't seem to get at the value myself to pass it on to convert_to_i18n. The end result is that my nice group name gets converted to an i18n key with a blank message associated with it.

I'll file a bug. Fortunately, for my purposes I can comment out the call to convert_to_i18n, since I don't need it.

Collapse
4: Re: Is this a case for subsites? (response to 1)
Posted by Janine Ohmer on 09/22/06 06:06 AM
Last comment/question for the night...

It appears that group types are available to all subsites, regardless of where they were initially created, but groups only show up in the subsite that created them. So it appears that for users that need to be able to access both subsites, and belong to groups that can see private data, they'll have to be added to both subsites *and* added to both groups. Although this works, it's not quite what the client had in mind.

Does it sound like I am understanding this correctly? Is there any documentation that explains this stuff? I've read what I could find but it's the original aD docs and not very helpful.

Collapse
5: Re: Is this a case for subsites? (response to 1)
Posted by Dave Bauer on 09/22/06 01:37 PM
Hi Janine,

Is it true that your plan is to have two subsites, under the Main Subite? That there will be some members who will have access to both subsites, but not all?

From what I have learned about permissions and groups in OpenACS, you will need to add those users who need to read both subsites, to the groups for those subsites.

The original idea of subsites, afaict was to have some content that could appear in two different subsites, and users would be restricted to just the subsite they were a member of. In this case, the users only are in one subsite, but teh shared content (somehow) shows up in both places. Most likely this was intended to be accomplished by mounting a package in both subsites.

I don't know of anyone using OpenACS this way, so we need to take what exists, and mold it to our needs, I guess you need some way to setup a user so it will be amember of two different groups easily.

Collapse
6: Re: Is this a case for subsites? (response to 5)
Posted by Janine Ohmer on 09/22/06 03:23 PM
Thanks, Dave - at least now I know I'm not misunderstanding how these work. This is the first time I have needed to build a site like this. Never a dull moment, eh? :)