Re: [Openinteract-help] NewUser question.

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

> I've removed
> the links in the templates to the /NewUser action, but you can still
> type it in manually and create a user.

You can disable /NewUser by removing the action in action.perl in base_user 
package, incrementing the version number (in this case, 1.65) in package.conf 
and reinstalling the package with oi_manage.

> OpenInteract::Handler::NewUser.pm in my OI base directory after not
> finding a Cornerstone::Handler::NewUser.pm in the action.perl files. Am
> I off here?

If your website is called Cornerstone, all OpenInteract::* will be mapped as 
Cornerstone::*, in this case, OpenInteract::Handler::NewUser -> 
Cornerstone::Handler::NewUser. So, if you want to create your own NewUser 
handler, create it with a different Handler name, for example 
OpenInteract::Handler::CreateUser or something, remove the NewUser action, 
add your own NewUser action and map it to *::CreateUser.

> And, what is the "correct" way to disable this (or any other)
> functionality? 

One thing I don't like about OI base packages is that they implement a lot of 
things that are tied with the core itself. It means that if you want to 
replace one of them, you have to exactly know what you are doing, i.e. if any 
stuff from a certain package you are going to replace is used in another one 
or in the core itself.

I worked around this by just disabling actions provided by some base_* 
packages I don't need or adding Handler security that blocks the use of 
certain features. Look into sys_security table to know how Handler security 
works. Basically, SPOPS objects that have security have a number in object_id 
field. Handlers have 0 (zero).

Example of SPOPS object with security:

(user 22 may only write the object):
sid: 39609
class: Example::SpopsObject
object_id: 5931
scope: u
scope_id: 22
security_level: 8

Example of a Handler (action) with security:

(No one - world - may execute the handler NewUser):
sid: 39610
class: Example::Handler::NewUser
object_id: 0
scope: w
scope_id: world
security_level: 1

For handlers to use security, the action.perl must not contain security => no 
for the action.

More info:
http://www.openinteract.org/docs/security.shtml

It is easier to use the base_user package because it has all the 
authentication stuff with the sys_user table etc. implemented. base_group has 
a group system implemented, which is tied with the Handler security itself. 
Pretty hairy stuff if you want to heavily modify the functionality without 
getting into modifying the base_* packages themselves (something you don't 
want to do or you have to maintain and sync the changes in the package as new 
versions of OpenInteract appear).

Just go with the base_* packages and be creative: add a new package, something 
like cornerstone_user and cornerstone_group that have additional features you 
want (a new user manager, registration application, password changing etc) 
and possibly add more fields for users. I for example used an additional 
table for additional personal user information and linked it with sys_user 
table. 

We have heavily modified the OpenInteract system and replaced most of the 
essential actions provided by base_* packages with more robust alternatives 
in our Dicole project. You might find it interesting and maybe even useful 
for your project. It is an extension to OpenInteract and acts as a more 
abstract layer for creating web based applications:

http://www.dicole.fi/docs/dicole_api_overview.html
http://www.dicole.fi/docs/introduction.html

Currently in development but first version of a groupware created with it will 
be available in August.

-- 
--------------

Teemu Arina

Ionstream Oy / Dicole
Komeetankuja 4 A
02210 Espoo
FINLAND
Tel: +358-(0)50 - 555 7636
http://www.dicole.fi

"Discover, collaborate, learn."