[whups] Is authentication done yet?
Chuck Hagenbuch
chuck@horde.org
Thu, 26 Jul 2001 02:19:26 -0400
Quoting "Robert E. Coyle" <robertecoyle@hotmail.com>:
> You can't currently. I've just found some more time to work
> on whups, but I'll need some help from the core Horde developers
> to do authentication so that it ties in nicely with the Horde
> framework.
Yo. :) I'd love to help you with this - I've been a bit short on time myself,
but just let me know what you need.
-chuck
--
Charles Hagenbuch, <chuck@horde.org>
Some fallen angels have their good reasons.
>From chuck@horde.org Date: Wed, 5 Sep 2001 17:15:14 -0400
Return-Path: <chuck@horde.org>
Mailing-List: contact whups-help@lists.horde.org; run by ezmlm
Delivered-To: mailing list whups@lists.horde.org
Received: (qmail 6675 invoked from network); 5 Sep 2001 21:17:22 -0000
Received: from h00104bc60b3c.ne.mediaone.net (HELO marina.horde.org) (24.91.198.7)
by horde.org with SMTP; 5 Sep 2001 21:17:22 -0000
Received: by marina.horde.org (Postfix, from userid 33)
id 181503D9F; Wed, 5 Sep 2001 17:15:15 -0400 (EDT)
Received: from 206.243.191.252 ( [206.243.191.252])
as user chuck@localhost by marina.horde.org with HTTP;
Wed, 5 Sep 2001 17:15:14 -0400
Message-ID: <999724514.3b9695e2e3f6d@marina.horde.org>
Date: Wed, 5 Sep 2001 17:15:14 -0400
From: Chuck Hagenbuch <chuck@horde.org>
To: whups@lists.horde.org
References: <OE21pH71yEXUIEAOeIi00000aba@hotmail.com>
In-Reply-To: <OE21pH71yEXUIEAOeIi00000aba@hotmail.com>
MIME-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 8bit
User-Agent: Internet Messaging Program (IMP) 2.3.7-cvs
Subject: Re: [whups] User authentication
Quoting "Robert E. Coyle" <robertecoyle@hotmail.com>:
> + You can browse all public tickets without logging in. (Do we want
> to provide for having certain tickets private? That could lead
> to all sorts of requests, like "I want this ticket viewable, but
> this comment and attachment viewable to only these users" etc
> which will just make things far too complicated). It could be
> done by ticket type or ticket module, but you would then need
> to put users in access groups.
We can add acl-type stuff with the Groups::/Perms:: frameworks later.
> + On a public tracking system, anyone with a valid email address
> can register themselves as a user of the system.
>
> + To add a comment or attachment, you have to be logged in. This
> is so you can't place a comment or ticket without leaving your
> email address.
>
> + To set the owner, priority, or status, you have to be either the
> current owner of the ticket or the QA person responsible for that
> ticket type. This is a very coarse level of privilege affinity,
> but it makes things much simpler. Maybe there could be an all-
> powerful manager group that can do anything to any ticket.
>
> Private systems are different only in that you can't do anything
> without a login, and you can't add yourself to the system.
>
> How much provision for this is in the current horde authentication
> system? I haven't had a chance to look into it properly yet.
Finally getting around to looking at/working on this. I think that maybe the
way to go is to sort of mimic the php bugs system:
- anyone can browse
- to report a bug, you need to be logged in, or to leave your email address,
along with a password for editing that bug
- to edit to a bug, you need to be logged in (Horde auth), to have added it, or
(different from the php system) to add your email address and a password to it
- people logged in to Horde would get the admin-type stuff, possibly restricted
to a subset through Groups::/Perms:: stuff.
So each bug would sort of carry around its own ACL of emails+passwords for
public users, but Horde users wouldn't need to go through any of that.
Thoughts?
-chuck
--
Charles Hagenbuch, <chuck@horde.org>
Some fallen angels have their good reasons.
>From chuck@horde.org Date: Wed, 5 Sep 2001 17:19:04 -0400
Return-Path: <chuck@horde.org>
Mailing-List: contact whups-help@lists.horde.org; run by ezmlm
Delivered-To: mailing list whups@lists.horde.org
Received: (qmail 6830 invoked from network); 5 Sep 2001 21:21:10 -0000
Received: from h00104bc60b3c.ne.mediaone.net (HELO marina.horde.org) (24.91.198.7)
by horde.org with SMTP; 5 Sep 2001 21:21:09 -0000
Received: by marina.horde.org (Postfix, from userid 33)
id B00023D9F; Wed, 5 Sep 2001 17:19:04 -0400 (EDT)
Received: from 206.243.191.252 ( [206.243.191.252])
as user chuck@localhost by marina.horde.org with HTTP;
Wed, 5 Sep 2001 17:19:04 -0400
Message-ID: <999724744.3b9696c88d5c5@marina.horde.org>
Date: Wed, 5 Sep 2001 17:19:04 -0400
From: Chuck Hagenbuch <chuck@horde.org>
To: whups@lists.horde.org
References: <OE21pH71yEXUIEAOeIi00000aba@hotmail.com> <999724514.3b9695e2e3f6d@marina.horde.org>
In-Reply-To: <999724514.3b9695e2e3f6d@marina.horde.org>
MIME-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 8bit
User-Agent: Internet Messaging Program (IMP) 2.3.7-cvs
Subject: Re: [whups] User authentication
Quoting Chuck Hagenbuch <chuck@horde.org>:
> So each bug would sort of carry around its own ACL of emails+passwords for
> public users, but Horde users wouldn't need to go through any of that.
Hmm. Another option is just to have a seperate Auth source defined in Whups'
conf files for public users, and to let users add themselves to that... I think
I like that better.
-chuck
--
Charles Hagenbuch, <chuck@horde.org>
Some fallen angels have their good reasons.