You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@guacamole.apache.org by "Mike Jumper (Jira)" <ji...@apache.org> on 2022/01/04 05:45:00 UTC

[jira] [Commented] (GUACAMOLE-1487) Allow settings to apply to all users

    [ https://issues.apache.org/jira/browse/GUACAMOLE-1487?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17468367#comment-17468367 ] 

Mike Jumper commented on GUACAMOLE-1487:
----------------------------------------

{quote}
There are several existing Jira issues that seem to rely on being able to store information or apply settings to all users of the Guacamole system.
{quote}

Hm ... like a database-driven alternative to {{guacamole.properties}}?

What would be the non-setting use case for system-wide information storage?

For the case of permissions that apply to all users, I think something like a standard "Authenticated Users" role could make sense. Are you referring to a specific use case here?

> Allow settings to apply to all users
> ------------------------------------
>
>                 Key: GUACAMOLE-1487
>                 URL: https://issues.apache.org/jira/browse/GUACAMOLE-1487
>             Project: Guacamole
>          Issue Type: New Feature
>          Components: guacamole-client
>            Reporter: Nick Couchman
>            Priority: Minor
>
> There are several existing Jira issues that seem to rely on being able to store information or apply settings to all users of the Guacamole system. Presumably this could be accomplish one (or both) of a couple of different ways:
> * Add a guacamole_system_attributes table that can store arbitrary data that can be used for the entire system. There is some precedent for this with the guacamole_system_permission table, so I don't think it's a huge departure from that. Presumably we'd also want to implement some graphical way to manage that data.
> * Add a global, built-in group - something like All_Users - that automatically contains all users of the system, and to which permissions and attributes could be applied through the use of the existing guacamole_user_group_* tables. This would require that this group have an entry in the tables, but membership in the group could either be enforced - that is, there would be no way to actually remove a user from the group - or at least defaulted - where a user would be added until explicitly removed. There are some other potential built-in groups - like Sys Admins - that wouldn't be enforced or required, but might help to allocate system-level permissions a bit better.
> Curious what the thoughts/opinions are on either or both of these options.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)