How to manage Roles in Ckan 2+ - customization

I've installed CKAN 2.2 and now I try to manage my organizations users and have a coherant workflow so i search how to manage roles (add new ones, what options are avaiable, delete etc.).
On google, I've find a possible way by using the "paster" command but that was only doable for versions 1.9 and less.
I never used an API before and i tried to used the CKAN one, but I do not find in the latest guide a way to do what I want.
I hope you'll help me,
potatoe

CKAN has roles, but they're only relevant in the context of organizations. Inside an organization, there can be a member, editor, and admin. These permissions are fairly fixed and not easily changeable. What is possible is overriding the auth functions to do what you want.
Besides this, there can be sysadmin users on CKAN itself who have all the rights.

Related

django-oauth-toolkit - provide application access to specific model

I have a concept of Slack's workspaces in my app and I'd like my consumers to specify to which "workspace" they are installing an app.
Even though I can see that I can extend an Application model, it doesn't really help.
Is there some best practise I could apply here? I've read the documentation several times. I was thinking of the following 2 workarounds, but there must be a simpler way for this.
1) First let user to authorise an app with his account and later let him to apply it to the workspace simply by creating some model and checking this on API/view layer. The problem here is that user experience is not as smooth as on Slack or Github where you select what entities you want an app to have access to when approving an app.
2) Extend Grant & Token models with a reference to a Workspace. In that case I'm struggling with adjusting forms, since I can not override them in a settings. (I can do that for models & templates).
Do you maybe have some idea how to do this? Thank you

Should there be auth on communtity website?

I'm enhancing the website architecture for an open-source community. I want to provide some options(or features) to authenticated users only because an open-source community always contains thousands of members which leads to a chance of spamming. I'm adding OAuth using GitHub which can prevent user spamming.
All I would like to know whether should I add OAuth on an open-source community website or not? Is it a good practice? or there is some another way I should do to prevent user-spam?
I want to prevent spamming, for example, user-2 can not update the profile of user-1 (just an example don't want to achieve this task)
If you are not building an anon targeted website, then yes, user profiles are a need. If your website user flow suggests editing other user's profiles, you can allow it in django, but why? User profiles usually are only editable by owners.
Research what OAuth provider your users might prefer. django-allauth and similar apps give you a way to easily add OAuth of any of hundreds of providers, so it's only a question what your users want to use.

Facebook api: get a list of apps a specific user is admin

I'm trying to retrieve a user's apps list. I use manage_pages permissions as stated in the docs. But it only gives me the pages I administer and not my apps (I have about 8 apps in my account).
What can be the cause? Maybe it's only specific types of apps? Maybe I need to turn a flag in my app setting for it to show?
Earlier it was possible with the following endpoint, but it is deprecated: /me/applications/developer
Afaik there is no way to get the list of applications anymore.

django cms permissions per language

It is very easy to give permissions to edit a specific page in django cms
However, I didn't find a way to give a permission to edit a page in a certain language.
It's a very common scenario, I have my Spanish, Russian and English editors, and I want that everyone will be able to edit only the pages in their language.
Is there a way of doing it that i'm missing? and if not, what can be done to solve it?
At this moment there is an overhaul done of the page permission in Django CMS. One of the things they want to solve is Permission per language.
https://github.com/divio/django-cms/issues/4598
If everything goes well, it will be released in DjangoCMS 3.4
As of today, there is no way to set permissions on a page+language basis.
The remaining options are to submit a feature request or fork django-cms and implement on your own.

package domain, role and user on sitecore

I am new to sitecore.
I have a question regarding packaging Domain and Roles on sitecore (we are using sitecore 6.3.1).
I am packaging content from our dev box to stage and I would like to transfer the Domain, Roles and user created on dev to stage.
The package designer shows a button called 'Security Accounts'. I added the specific user \ who belong to the specific domain and role.
On installing the package to stage site, it throws an error 'blah domain not found, cannot create user'.
So the question is, do i have to create a domain manually on the stage server before I install the user? or is there a way where I can copy the domain and roles to create the user?
Help much appreciated.
I have discovered that the domains are stored in /App_Config/Security/Domains.config and you can migrate between installations simply by copying or editing this file.
Or you can create the domains manually via the Security Domain tool.
Either way the domain must exist before you can install a package with users or roles.
If your target solution doesn't have the domain the user lives in, you'll have to create it manually. However, the roles can be transferred via package the same way as users. If the user A is in role B, and you don't add role B to the package, there should not be any error - simply the user A won't be a member of the role B on target environment.
I would think the answer Yan comes with would work with domains.
But you might need to have the Domain(s) in a package which you install first, or have it as the first "part" of your package, so it gets installed first.