Guest security in 1.1-beta-3

[Tom Schneider <sc...@gmail.com>]

I'd like to configure the guest account in Continuum 1.1-beta-3 to work like
it did in 1.0.3.  The guest account should only be able to see the projects
and kick off a build manually, but not add a project or do any other
administrative tasks. (Essentially the guest behavior in 1.0.3)  Is there a
way to do this?  

None of the built-in roles support this subset of access.  From what I can
tell, the role 'Continuum Group Project User' allows a user to see the
projects, but not kick off a build manually.  The role 'Continuum Group
Project Developer' allows a user to kick off a build, but also to added new
poms and other stuff that I don't want guest to do.
-- 
View this message in context: http://www.nabble.com/Guest-security-in-1.1-beta-3-tf4594648.html#a13116972
Sent from the Continuum - Users mailing list archive at Nabble.com.

Re: Guest security in 1.1-beta-3

[Tom Schneider <sc...@gmail.com>]

Thanks for the pointers to the source.  After I looked a little closer, I
realized the guest user only had access to add new modules to the existing
project, not to add new project groups.  This seems reasonable to me.  (Or
at least not a big enough deal for me to dig into the source code)  I would
be more concerned about letting guest users add new project groups.  I've
just finished migrating most of our existing projects over to 1.1-beta3, so
overall I've been pretty happy with 1.1.

OT: I did checkout hudson to see where they are at.  With hudson, the big
missing functionality for me was it doesn't pick up email notifiers from the
pom for build notification.

Thanks for your assistance,
Tom


Emmanuel Venisse wrote:
> 
> Look at this file
> (http://svn.apache.org/repos/asf/maven/continuum/trunk/continuum-security/src/main/resources/META-INF/redback/redback.xml),
> it defines all roles and inheritence between each roles.
> If you write a patch, I don't think it will be in 1.1 but you'll have it
> for your instance.
> 
> Emmanuel
> 
> 

-- 
View this message in context: http://www.nabble.com/Guest-security-in-1.1-beta-3-tf4594648.html#a13224776
Sent from the Continuum - Users mailing list archive at Nabble.com.

Re: Guest security in 1.1-beta-3

[Emmanuel Venisse <em...@venisse.net>]

Look at this file (http://svn.apache.org/repos/asf/maven/continuum/trunk/continuum-security/src/main/resources/META-INF/redback/redback.xml), it defines all roles and inheritence between each roles.
If you write a patch, I don't think it will be in 1.1 but you'll have it for your instance.

Emmanuel

Tom Schneider a écrit :
> Could this be split out, or is it too late for 1.1 series?  I'd be willing to
> create a patch if I can figure it out.  This is a critical enough issue for
> us that I'm considering taking another look at hudson.
> Tom
> 
> 
> Emmanuel Venisse wrote:
>>
>>
>> Tom Schneider a écrit :
>>> I'd like to configure the guest account in Continuum 1.1-beta-3 to work
>>> like
>>> it did in 1.0.3.  The guest account should only be able to see the
>>> projects
>>> and kick off a build manually, but not add a project or do any other
>>> administrative tasks. (Essentially the guest behavior in 1.0.3)  Is there
>>> a
>>> way to do this?  
>>>
>>> None of the built-in roles support this subset of access.  From what I
>>> can
>>> tell, the role 'Continuum Group Project User' allows a user to see the
>>> projects, but not kick off a build manually.  The role 'Continuum Group
>>> Project Developer' allows a user to kick off a build, but also to added
>>> new
>>> poms and other stuff that I don't want guest to do.
>> The build role is a part of the project group developer and can't be
>> split.
>>
>> Emmanuel
>>
>>
>>
> 

Re: Guest security in 1.1-beta-3

[Tom Schneider <sc...@gmail.com>]

Could this be split out, or is it too late for 1.1 series?  I'd be willing to
create a patch if I can figure it out.  This is a critical enough issue for
us that I'm considering taking another look at hudson.
Tom


Emmanuel Venisse wrote:
> 
> 
> 
> Tom Schneider a écrit :
>> I'd like to configure the guest account in Continuum 1.1-beta-3 to work
>> like
>> it did in 1.0.3.  The guest account should only be able to see the
>> projects
>> and kick off a build manually, but not add a project or do any other
>> administrative tasks. (Essentially the guest behavior in 1.0.3)  Is there
>> a
>> way to do this?  
>> 
>> None of the built-in roles support this subset of access.  From what I
>> can
>> tell, the role 'Continuum Group Project User' allows a user to see the
>> projects, but not kick off a build manually.  The role 'Continuum Group
>> Project Developer' allows a user to kick off a build, but also to added
>> new
>> poms and other stuff that I don't want guest to do.
> 
> The build role is a part of the project group developer and can't be
> split.
> 
> Emmanuel
> 
> 
> 

-- 
View this message in context: http://www.nabble.com/Guest-security-in-1.1-beta-3-tf4594648.html#a13119043
Sent from the Continuum - Users mailing list archive at Nabble.com.

Re: Guest security in 1.1-beta-3

[Emmanuel Venisse <em...@venisse.net>]

Tom Schneider a écrit :
> I'd like to configure the guest account in Continuum 1.1-beta-3 to work like
> it did in 1.0.3.  The guest account should only be able to see the projects
> and kick off a build manually, but not add a project or do any other
> administrative tasks. (Essentially the guest behavior in 1.0.3)  Is there a
> way to do this?  
> 
> None of the built-in roles support this subset of access.  From what I can
> tell, the role 'Continuum Group Project User' allows a user to see the
> projects, but not kick off a build manually.  The role 'Continuum Group
> Project Developer' allows a user to kick off a build, but also to added new
> poms and other stuff that I don't want guest to do.

The build role is a part of the project group developer and can't be split.

Emmanuel

Re: Guest security in 1.1-beta-3

[Dan Tran <da...@gmail.com>]

I am experiencing the same issue, +1 to get this feature back.
want to file a JIRA ?

-D

On 10/9/07, Tom Schneider <sc...@gmail.com> wrote:
>
> I'd like to configure the guest account in Continuum 1.1-beta-3 to work like
> it did in 1.0.3.  The guest account should only be able to see the projects
> and kick off a build manually, but not add a project or do any other
> administrative tasks. (Essentially the guest behavior in 1.0.3)  Is there a
> way to do this?
>
> None of the built-in roles support this subset of access.  From what I can
> tell, the role 'Continuum Group Project User' allows a user to see the
> projects, but not kick off a build manually.  The role 'Continuum Group
> Project Developer' allows a user to kick off a build, but also to added new
> poms and other stuff that I don't want guest to do.
> --
> View this message in context: http://www.nabble.com/Guest-security-in-1.1-beta-3-tf4594648.html#a13116972
> Sent from the Continuum - Users mailing list archive at Nabble.com.
>
>