Uploaded image for project: 'Grouper'
  1. Grouper
  2. GRP-178

add a grouperIncludeExclude and requireGroups type and hook to auto-create groups

    XMLWordPrintable

    Details

    • Type: New Feature
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.4.0
    • Fix Version/s: 1.4.0
    • Component/s: API
    • Labels:
      None

      Description

      Loris needs include/exclude groups (and Penn can use this too, and I assume most people will like it), this is what I am planning to do:

      1. This is off by default, you enable with a boolean param in grouper.properties
      2. If you enable it, a Group marker type will be created if it doesnt exist, called: grouperIncludeExclude
      3. I will make sure there is a tooltip of documentation in the UI
      4. If this type is applied to a group (named org123, e.g. the auto-loaded grouperLoader group), then a built-in hook will do the following, if the groups do not exist:
      a. create group of org123_include
      b. create group of org123_membersAndIncludes (have two members: org123, and org123_include)
      c. create group of org123_exclude
      d. create group of org123_overall (composite of membersAndIncludes minus org123_exclude)
      5. If the type is removed, none of the created groups will be affected
      6. I dont know what the permissions of all these groups will be, I assume it will be just like the current user created them

      Also we need an enhancement in the loader which allows for a type to be applied to a sql list of groups...

      It is possible to do this with one fewer group, but I was thinking that if the "includes" is its own group, then whoever has permissions to edit that membership, cannot remove the org123 group, they will only be able to operate on the whitelist... Then the membersAndIncludes and overall group would be able to have restricted permissions so no one messes it up...

      Thanks,
      Chris

        Attachments

          Activity

            People

            Assignee:
            chris.hyzer@at.internet2.edu Chris Hyzer (upenn.edu)
            Reporter:
            chris.hyzer@at.internet2.edu Chris Hyzer (upenn.edu)
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Smart Checklist