Gemini Community Support Site

This Gemini community support site can be used to find solutions to product issues. You can log in using Open Id, Google Profile and even Facebook. Feel free to ask a question or browse FAQs and documentation. Product tour videos are also available along with how-to videos demonstrating key Gemini capabilities.




Resourced User Security Settings

web-app

I am creating a Gemini site to implement CCB's

The basic "idiom" is this:

Projects == Change Control Boards (CCBs);
Resources == CCB members (voting members);
Custom data includes a view into project resources so that who should "vote" on a submittal (and their vote) can be recorded (see other post for issue with recording custom data changes in history);
Default project  Security Scheme is "Issue Creator" so that anyone can create (submit a change request), and comment when requested.
ONLY CCB members ("Resources") should have issue worker Security Permissions (since they record their vote, among other things, by editing the issue).

-----
What I would like to do:

I would like to be able (in this installation) to modify / augment gemini_updateprojectresource() so that, in addition to adding or removing a resource, this SPROC also automatically "promotes" user settings/roles so that the resource (in effect) gets some list of additional project permissions that will result in effect giving them "Issue Worker" status.   It would seem the way to do this is to create a lookup table that looks up the permissions to be added for "resources" (removing would be harder, but could be done by recording changes in another table, then "rolling back").

Anyway, in looking at the tables and sprocs, I don't immediately see how to do this.   It would appear that I need to add (?) an entry in the userroles table to accomplish this.

Does that sound about right?  Anything else I need to think about?

Thanks,
Yarko
yarkot
· 1 		yarkot
Monday, March 13, 2006, 11:28:51 PM
Replies (2)
helpful
0
not helpful

...continuing to look at this, it looks like just exec'ing geminiupdateuserrolesforproject() from geminiupdateprojectresource() should do the trick...

... actually it's gemini_assignprojectresource(), not _updateprojectresource() (update just marks
"active" or not)...

Ok - so that works, but WHERE is "removeprojectresrouce()"  or some such sproc, so I can undo this too when a resource is de-commissioned?   I don't see a sproc that looks like this off hand...
yarkot
· 1 		yarkot
Monday, March 13, 2006, 11:32:17 PM
helpful
0
not helpful

[quote user="yarkot"]...continuing to look at this, it looks like just exec'ing geminiupdateuserrolesforproject() from geminiupdateprojectresource() should do the trick...

... actually it's geminiassignprojectresource(), not _updateprojectresource() (update just marks
"active" or not)...

Ok - so that works, but WHERE is "removeprojectresrouce()"  or some such sproc, so I can undo this too when a resource is de-commissioned?   I don't see a sproc that looks like this off hand...
[/quote]

Ok - I got this:

To accomplish this for a CCB instance of Gemini, I (for starters, manually pick - but could get fancier):

  1. exec geminiupdateuserrolesforproject() with the security role I want to associate w/ resource from geminiassignprojectresource()
  2. add this:    
delete from userroles where userid=@userid and projid=@projid

into geminiremoveprojectresource()

This looks like it does the trick, passes tests, seems to be working...

Cheers,
Yarko
yarkot
· 1 		yarkot
Tuesday, March 14, 2006, 12:21:32 AM