Sitemap question

[Jürgen Ragaller <ra...@null-oder-eins.ch>]

Hi


I am trying to achieve the following behaviour in a sitemap pipeline:

When a user belongs to a group foo, a resource is returned (using a  
cocoon-reader), else the user gets a login screen (and after the  
login redirect gets the resource). We intend to use this behaviour  
for lenya-access-protected assets.

I saw that the group affiliation of a user can be read in the  
pipeline by using {access-control:role-ids}. Now the problem is, that  
I cannot use a simple boolean parameter selector test for the role-ids.

Does it make sense, to write a cocoon action for the purpose of  
checking if the user belongs to group foo; or do you know of a better  
way (maybe more simple)?


Thanks for help!

Jürgen
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@lenya.apache.org
For additional commands, e-mail: user-help@lenya.apache.org

Re: Sitemap question

[Jörn Nettingsmeier <ne...@apache.org>]

Andreas Hartmann wrote:
> Jürgen Ragaller schrieb:
>> Am 09.08.2007 um 23:27 schrieb Joern Nettingsmeier:
>>
>>> Jürgen Ragaller wrote:
>>>> Hi
>>>> I am trying to achieve the following behaviour in a sitemap pipeline:
>>>> When a user belongs to a group foo, a resource is returned (using a
>>>> cocoon-reader), else the user gets a login screen (and after the
>>>> login redirect gets the resource). We intend to use this behaviour
>>>> for lenya-access-protected assets.
>>> by "resource", you probably mean a static file under <pub>/resources?
>> No - a new folder (maybe somewhere inside the content folder) with
>> assets in it.
> 
> Actually I'd discourage this - with Lenya 2.0, you rather work with
> repository items than with files. It is highly recommended to use the
> repository API for document storage.
> 
> 
>>> these files bypass the access controller afaik (but i would need to
>>> check).
>>>
>>> why do you want to do this? if access-controlled assets is what you're
>>> after, why don't you just use a lenya document (of resource type
>>> media, or maybe some custom type) and the live access control features
>>> that are already there?
>>>
>>> maybe i'm misunderstanding what you're after... if so, please explain
>>> some more.
>>>
>> We have a large number (~ 500) of assets that we do not want to upload
>> one by one so we put them in a folder wich allows simple mass operations.
> 
> Maybe you could implement an import functionality? You could probably
> start with the Importer service and customize it to your needs.

if it's a one-time mass upload (say, during a migration) and not an 
everyday requirement, you could maybe also write a canoo web test that 
does an upload... i haven't done it before, but from what i heard in 
andreas' presentation, it should be easy. if iterating over documents is 
hard in canoo, do it the unix way: write a shell script that writes a 
web test :)
no, i'm really serious. of couse, all this only makes sense if your mass 
uploads are rare and only done by site administrators.

regards,

jörn



-- 
Jörn Nettingsmeier

"One of my most productive days was throwing away 1000 lines of code."
   - Ken Thompson.

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@lenya.apache.org
For additional commands, e-mail: user-help@lenya.apache.org

Re: Sitemap question

[Jürgen Ragaller <ra...@null-oder-eins.ch>]

Am 10.08.2007 um 09:50 schrieb Andreas Hartmann:

> Jürgen Ragaller schrieb:
>>
>> Am 09.08.2007 um 23:27 schrieb Joern Nettingsmeier:
>>
>>> Jürgen Ragaller wrote:
>>>> Hi
>>>> I am trying to achieve the following behaviour in a sitemap  
>>>> pipeline:
>>>> When a user belongs to a group foo, a resource is returned (using a
>>>> cocoon-reader), else the user gets a login screen (and after the
>>>> login redirect gets the resource). We intend to use this behaviour
>>>> for lenya-access-protected assets.
>>>
>>> by "resource", you probably mean a static file under <pub>/ 
>>> resources?
>>
>> No - a new folder (maybe somewhere inside the content folder) with
>> assets in it.
>
> Actually I'd discourage this - with Lenya 2.0, you rather work with
> repository items than with files. It is highly recommended to use the
> repository API for document storage.
>
>
>>> these files bypass the access controller afaik (but i would need to
>>> check).
>>>
>>> why do you want to do this? if access-controlled assets is what  
>>> you're
>>> after, why don't you just use a lenya document (of resource type
>>> media, or maybe some custom type) and the live access control  
>>> features
>>> that are already there?
>>>
>>> maybe i'm misunderstanding what you're after... if so, please  
>>> explain
>>> some more.
>>>
>>
>> We have a large number (~ 500) of assets that we do not want to  
>> upload
>> one by one so we put them in a folder wich allows simple mass  
>> operations.
>
> Maybe you could implement an import functionality? You could probably
> start with the Importer service and customize it to your needs.
>
>
>> The above described idea is to still provide access-control to these
>> assets with a lenya group (named intranet or so). Any link to
>> /secure-assets-folder/** will be handeld by a seperate pipeline -  
>> and in
>> this pipeline the access control can be done by lenya. Our idea to
>> provide a list of these assets is to write a lenya resource type  
>> with a
>> cocoon directory generator (pointing to that asset folder).
>>
>> To check in the pipeline (handling the direct links to these  
>> assests) if
>> the logged-in user belongs to group «intranet» I can think of
>>
>> - Writing a custom cocoon sitemap-action
>> - Writing a custom cocoon sitemap-selector
>> - Writing a input module for our special case of access control
>
> If you really want to implement it that way, a selector is probably  
> the
> cleanest approach.
>
> -- Andreas


Andreas, Thanks a lot for your comments

Jürgen



null-oder-eins GmbH
web & graphic design

Anna Heerstrasse 14
8057 Zürich
www.null-oder-eins.ch
Tel +41 44 350 56 26
Fax +41 44 350 56 27

Jürgen Ragaller
ragaller@null-oder-eins.ch
Skype: callto://ragaller





---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@lenya.apache.org
For additional commands, e-mail: user-help@lenya.apache.org

Re: Sitemap question

[Andreas Hartmann <an...@apache.org>]

Jürgen Ragaller schrieb:
> 
> Am 09.08.2007 um 23:27 schrieb Joern Nettingsmeier:
> 
>> Jürgen Ragaller wrote:
>>> Hi
>>> I am trying to achieve the following behaviour in a sitemap pipeline:
>>> When a user belongs to a group foo, a resource is returned (using a
>>> cocoon-reader), else the user gets a login screen (and after the
>>> login redirect gets the resource). We intend to use this behaviour
>>> for lenya-access-protected assets.
>>
>> by "resource", you probably mean a static file under <pub>/resources?
> 
> No - a new folder (maybe somewhere inside the content folder) with
> assets in it.

Actually I'd discourage this - with Lenya 2.0, you rather work with
repository items than with files. It is highly recommended to use the
repository API for document storage.


>> these files bypass the access controller afaik (but i would need to
>> check).
>>
>> why do you want to do this? if access-controlled assets is what you're
>> after, why don't you just use a lenya document (of resource type
>> media, or maybe some custom type) and the live access control features
>> that are already there?
>>
>> maybe i'm misunderstanding what you're after... if so, please explain
>> some more.
>>
> 
> We have a large number (~ 500) of assets that we do not want to upload
> one by one so we put them in a folder wich allows simple mass operations.

Maybe you could implement an import functionality? You could probably
start with the Importer service and customize it to your needs.


> The above described idea is to still provide access-control to these
> assets with a lenya group (named intranet or so). Any link to
> /secure-assets-folder/** will be handeld by a seperate pipeline - and in
> this pipeline the access control can be done by lenya. Our idea to
> provide a list of these assets is to write a lenya resource type with a
> cocoon directory generator (pointing to that asset folder).
> 
> To check in the pipeline (handling the direct links to these assests) if
> the logged-in user belongs to group «intranet» I can think of
> 
> - Writing a custom cocoon sitemap-action
> - Writing a custom cocoon sitemap-selector
> - Writing a input module for our special case of access control

If you really want to implement it that way, a selector is probably the
cleanest approach.

-- Andreas

-- 
Andreas Hartmann, CTO
BeCompany GmbH
http://www.becompany.ch


---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@lenya.apache.org
For additional commands, e-mail: user-help@lenya.apache.org

Re: Sitemap question

[Jürgen Ragaller <ra...@null-oder-eins.ch>]

Am 09.08.2007 um 23:27 schrieb Joern Nettingsmeier:

> Jürgen Ragaller wrote:
>> Hi
>> I am trying to achieve the following behaviour in a sitemap pipeline:
>> When a user belongs to a group foo, a resource is returned (using  
>> a cocoon-reader), else the user gets a login screen (and after the  
>> login redirect gets the resource). We intend to use this behaviour  
>> for lenya-access-protected assets.
>
> by "resource", you probably mean a static file under <pub>/resources?

No - a new folder (maybe somewhere inside the content folder) with  
assets in it.

>
> these files bypass the access controller afaik (but i would need to  
> check).
>
> why do you want to do this? if access-controlled assets is what  
> you're after, why don't you just use a lenya document (of resource  
> type media, or maybe some custom type) and the live access control  
> features that are already there?
>
> maybe i'm misunderstanding what you're after... if so, please  
> explain some more.
>

We have a large number (~ 500) of assets that we do not want to  
upload one by one so we put them in a folder wich allows simple mass  
operations.

The above described idea is to still provide access-control to these  
assets with a lenya group (named intranet or so). Any link to /secure- 
assets-folder/** will be handeld by a seperate pipeline - and in this  
pipeline the access control can be done by lenya. Our idea to provide  
a list of these assets is to write a lenya resource type with a  
cocoon directory generator (pointing to that asset folder).

To check in the pipeline (handling the direct links to these assests)  
if the logged-in user belongs to group «intranet» I can think of

- Writing a custom cocoon sitemap-action
- Writing a custom cocoon sitemap-selector
- Writing a input module for our special case of access control

If the user is not in group foo he/she will be redirected to the  
login screen.


Thanks for thoughts or ideas about this approach.

Jürgen




null-oder-eins GmbH
web & graphic design

Anna Heerstrasse 14
8057 Zürich
www.null-oder-eins.ch
Tel +41 44 350 56 26
Fax +41 44 350 56 27

Jürgen Ragaller
ragaller@null-oder-eins.ch
Skype: callto://ragaller





---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@lenya.apache.org
For additional commands, e-mail: user-help@lenya.apache.org

Re: Sitemap question

[Joern Nettingsmeier <ne...@folkwang-hochschule.de>]

Jürgen Ragaller wrote:
> Hi
> 
> 
> I am trying to achieve the following behaviour in a sitemap pipeline:
> 
> When a user belongs to a group foo, a resource is returned (using a 
> cocoon-reader), else the user gets a login screen (and after the login 
> redirect gets the resource). We intend to use this behaviour for 
> lenya-access-protected assets.

by "resource", you probably mean a static file under <pub>/resources?

these files bypass the access controller afaik (but i would need to check).

why do you want to do this? if access-controlled assets is what you're 
after, why don't you just use a lenya document (of resource type media, 
or maybe some custom type) and the live access control features that are 
already there?

maybe i'm misunderstanding what you're after... if so, please explain 
some more.


regards,

jörn




-- 
jörn nettingsmeier

home://germany/45128 essen/lortzingstr. 11/
http://spunk.dnsalias.org
phone://+49/201/491621

Kurt is up in Heaven now.

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@lenya.apache.org
For additional commands, e-mail: user-help@lenya.apache.org