Forum OpenACS Development: issue with security context inheritance in the news package design


As per the design spec in packages/news/www/doc/design.html:
"Note that different package instances of the News application can be distinguished by the column 'package_id' (and not by the inherited context_id in acs_objects). We therefore need only a single cr_folder named 'news' to hold all news items."
There is only one cr_folder holding all the news items. When the news items are created they get a context_id of the cr_folder. Since this folder is not associated with anything in particular, it has a context_id of -100. The problem with this is that permissions set on a mounted instance of news are meaningless, so you can't, for instance, grant general_comments_create to The Public on a mounted news app and have the permission bubble through.

Because I have only one mounted instance I changed the context_id of the cr_folder to the id of the mount instance - but I'm struggling to think of a generic solution without changing the one-folder design...

Any ideas anyone?

The context_id of the news items should be set to the news package_id. Then the news items would properly inherit from the parent package.

I checked and now no context_id is set when a new news item is created.

I haven't looked deep enough into the news package, but I think just fixing the pl/pgsql function that creates the news item would solve this problem.

Has anyone else looked into this?

Oops,

I was wrong. Although the news__new pl/pgsql function does not define context_id, the content_item__new function sets the context_id to the parent_id which in the case of news is the news folder.

So it looks like the news package should set the context_id of the news content_item to the package_id instead of leaving it null to accept the default of the parent_id.
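As an added illustration (not OpenACS code or any poster's own), the following models the acs_objects permission check as a walk up the context_id chain, using constructed object ids, to show why a grant on the mounted news package never reaches a news item whose context_id is the 'news' folder (itself under -100), and why passing the package_id as context_id fixes it. The object graph is a simplification: the package's own context is collapsed to the -100 root.

```python
# Constructed model of OpenACS security context inheritance (not the real datamodel).
SECURITY_CONTEXT_ROOT = -100  # root of the acs_objects context tree

PACKAGE_ID = 1001      # constructed id of the mounted news package instance
NEWS_FOLDER_ID = 2001  # constructed id of the single 'news' cr_folder
NEWS_ITEM_ID = 3001    # constructed id of one news item

# Grants recorded as (object_id, party, privilege); the grant the thread describes.
GRANTS = {(PACKAGE_ID, "The Public", "general_comments_create")}


def permission_p(objects, grants, object_id, party, privilege):
    """Return True if party holds privilege on object_id directly or via any
    object reached by following context_id upward.  objects maps
    object_id -> context_id; the -100 root has no entry, which ends the walk."""
    current = object_id
    seen = set()
    while current is not None and current not in seen:
        seen.add(current)
        if (current, party, privilege) in grants:
            return True
        current = objects.get(current)
    return False


def build_objects(news_item_context_id):
    """Object graph with the news item's context_id as the value under test."""
    return {
        PACKAGE_ID: SECURITY_CONTEXT_ROOT,      # package instance (simplified)
        NEWS_FOLDER_ID: SECURITY_CONTEXT_ROOT,  # folder not tied to any package
        NEWS_ITEM_ID: news_item_context_id,
    }


def before_fix():
    # content_item__new defaults context_id to parent_id, i.e. the news folder,
    # so the chain is item -> folder -> -100 and never touches the package.
    objects = build_objects(NEWS_FOLDER_ID)
    return permission_p(objects, GRANTS, NEWS_ITEM_ID, "The Public", "general_comments_create")


def after_fix():
    # Passing package_id as context_id makes the chain item -> package -> -100.
    objects = build_objects(PACKAGE_ID)
    return permission_p(objects, GRANTS, NEWS_ITEM_ID, "The Public", "general_comments_create")


if __name__ == "__main__":
    print("before fix:", before_fix(), "after fix:", after_fix())
```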

Another possibility is to create a news folder for each mounted package instance and drive permissions that way, despite the earlier design.

This would be more consistent with the intended use of the CR anticipated in its design.  News isn't the only package that only creates a single folder, though.

Probably worth thinking about ... especially since there's a fair amount of sentiment to legitimatize use of context_id as a physical parent_id (though that issue's not settled and the CR does have an explicit parent_id in its datamodel).

In the meantime, should I go ahead and update the context_id to use the package_id for both Oracle and Postgres on 4.6 and the HEAD?
Robert,

That would be great. The call to content_item__new should pass the package_id for the context_id parameter, I believe.

Oops!  Forgot to ask.  Should I patch the code directly or create an upgrade script?  And, if the latter, where can I learn more about creating upgrade scripts?
Hi Rob,

There is an item on things 2 remember.  Last item on developing SQL.

http://www.infiniteinfo.com/openacs/things2remember.html

This thread may be helpful too:

https://openacs.org/forums/message-view?message_id=32269

Happy Holidays!

I agree with everyone ... and I'm not sure how I got out of doing the work since I started the thread ;)

Jun, your "things to remember" page looks nice - I have printed it out for reading material in the loo (note: reading material, not wiping material ;) it joins the likes of The Economist and Forbes magazine, so it's not a bad thing!)