Ticket #440 (closed Task: worksforme)
disable fileupload?
Reported by: | JuergeN | Owned by: | jri |
---|---|---|---|
Priority: | Major | Milestone: | |
Component: | DeepaMehta Standard Distribution | Version: | 4.1 |
Keywords: | Cc: | ||
Complexity: | 3 | Area: | GUI / Usability |
Module: | deepamehta-webclient |
Description
Refering to #409 I have created a user named 'testuser' and a workspace named 'Demo'. I have deleted the aggregation between testuser and the default workspace DeepaMehta and created a new aggregation of the same type between the new workspace 'Demo' and the 'testuser'. How comes, the testuser can still upload files, but the workspace 'Demo' does not have any associations to FILES or any other topic. I just do not know what I have to do.
Could you please try to provide a short step by step introduction how I can diasable fileupload for a certain user? Thank you!
Change History
comment:2 Changed 12 years ago by jri
One more hint: a newly created Workspace has no types assigned to it. So, if this workspace is the only one a user is a member of, she can't create anything. To enable the user to create topics, assign the proper types to the new workspace.
The permission to create a File Browser is bound to the Folder type.
The permission to create Folders in the File Repository is bound to the Folder type as well.
The permission to upload Files is bound to the File type.
This policy is not fixed but controlled by the type's ACL. By default every type has at least this ACL entry:
CREATE: CREATOR, OWNER, MEMBER
The MEMBER role means that every member of each workspace the type is assigned to has the permission to CREATE instances of that type.
An ACL entry has the format:
Operation: list of Roles
The permission to perform that Operation is granted to each user who occupies at least one of the listed Roles.
Currently DM Access Control mechanism provides 2 Operations (WRITE, CREATE) and 5 Roles (CREATOR, OWNER, MEMBER, USER, EVERYONE). Each topic (and thus each type) and each association has its individual ACL.
Your reasoning is right.
Just one thing: a "workspace membership" is represented by an Aggregation between a Username and the Workspace. Not between a User Account and the Workspace.
So, to create a membership, reveal the User Account's Username topic first and associate that one.
Hint: in your case it would be easier to create the Workspace first, and the User Account afterwards. That way the new User Account (including its Username topic) is assigned to the new Workspace by default. This frees you from reassigning the workspace manually.
All things created are assigned to the current workspace. Creating a workspace makes that one the current workspace.
Thanks for your question!