#19 Restrict Project Editing to Administrators

closed
nobody
None
5
2008-09-08
2008-02-29
rob_webset
No

I have created a patch that allows you to separate Administrator roles from user roles. I know that there are no user configuration options within codestriker (and think it is unlikely that such a thing will be available any time soon?)

This patch separates the codestriker.pl into two files, removing the "Project editing" into a separate file "codestrikeradmin.pl". This allows you to use Apache to configure user rights for each area, e.g.

<Directory "C:/codestriker/cgi-bin/">
AuthType Basic
AuthName "Codestriker Authentication"
AuthLDAPAuthoritative on
AuthLDAPBindDN "..."
AuthLDAPBindPassword ...
AuthLDAPURL "..."
Require group ...
SSLRequireSSL

AllowOverride None
Options ExecCGI
Order allow,deny
Allow from all
SetHandler cgi-script

<Files codestrikeradmin.pl>
Require user rhudson
</Files>
</Directory>

This is quite important for us, as we would want to prevent users from creating projects off their own back.

It would also open the way to implement things like:

[ 1472121 ] Introduce proper state table

And some other changes to make codestriker more configurable, but still prevent any user just changing these key settings.

Comments/thoughts?

Thanks

Rob
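
A static check of the layout described in the post above, added here as an example (it is not part of the attached patch or of Codestriker). The function names and the trimmed copy of the configuration are assumptions made for illustration.

```python
import re

OPEN = re.compile(r"<(\w+)\s*([^>]*)>")
CLOSE = re.compile(r"</\w+>")

# Trimmed copy of the configuration in the post; "..." is elided there too.
PAGE_CONF = """
<Directory "C:/codestriker/cgi-bin/">
AuthType Basic
Require group ...
SSLRequireSSL
<Files codestrikeradmin.pl>
Require user rhudson
</Files>
</Directory>
"""

def parse(conf_text):
    """Yield (enclosing_sections, directive, args) for each config line."""
    stack = []
    for line in map(str.strip, conf_text.splitlines()):
        if not line or line.startswith("#"):
            continue
        if CLOSE.fullmatch(line):
            del stack[-1:]  # leave the innermost section (no-op if empty)
        elif m := OPEN.fullmatch(line):
            stack.append((m.group(1).lower(), m.group(2).strip('" ')))
            yield tuple(stack), "", ""  # marker so empty sections are seen
        else:
            name, _, args = line.partition(" ")
            yield tuple(stack), name.lower(), args.strip()

def audit_admin_script(conf_text, script="codestrikeradmin.pl"):
    """Return a list of findings; an empty list means the checks passed."""
    rows = list(parse(conf_text))
    scopes = {p for p, _, _ in rows if p and p[-1] == ("files", script)}
    if not scopes:
        return [f"no <Files {script}> section: admin script shares user access"]
    findings = []
    for scope in scopes:
        # Directives set in the <Files> block or inherited from its parents.
        seen = [(n, a) for p, n, a in rows if scope[:len(p)] == p]
        own = [a.lower() for p, n, a in rows if p == scope and n == "require"]
        if not any(a.startswith(("user ", "group ")) for a in own):
            findings.append(f"{script}: no Require user/group of its own")
        auth = [a.lower() for n, a in seen if n == "authtype"]
        if "basic" in auth and not any(n == "sslrequiressl" for n, _ in seen):
            findings.append(f"{script}: Basic auth without SSLRequireSSL")
    return findings
```

Run against the real httpd configuration after install.pl has been re-run, this catches the case where the admin script is served but its `<Files>` restriction was never added.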

Discussion

  • rob_webset

    rob_webset - 2008-02-29

    Split codestriker.pl into two

     
    Attachments
  • Nobody/Anonymous

    Logged In: NO

    Rob, this seems a good idea. Could you tell me how I apply the patch?

     
  • rob_webset

    rob_webset - 2008-03-04

    Logged In: YES
    user_id=1137102
    Originator: YES

    Hi "nobody",

    To apply the patch you'll need to apply the diff file attached (either manually or with some patch tool - think Unix has one). Then run install.pl again and do the Apache changes detailed in the description.

    Note that it doesn't look like this is going to be applied to the final release as it will be achieved via REST instead.

    Rob

     
  • David Sitsky

    David Sitsky - 2008-08-06

    Logged In: YES
    user_id=208928
    Originator: NO

    Hi Rob,

    Just to let you know - the URL rewriting work I have detailed in this bug is on my radar now. Hopefully an initial version will be completed soon, so that you'll then have the possibility to apply URL security in your Apache config to mask off admin/* to just your admin users.

     
  • David Sitsky

    David Sitsky - 2008-09-08

    Logged In: YES
    user_id=208928
    Originator: NO

    The latest version of Codestriker now has proper user authentication/authorisation to support this easily. Check out the $admin_users variable in codestriker.conf.

    This will be released in the upcoming 1.9.7 release.

     
  • David Sitsky

    David Sitsky - 2008-09-08
    • status: open --> closed
     
