Ticket #2404 (closed feature: obsolete)
book download form Sophie Client
Reported by: | dido | Owned by: | mira |
---|---|---|---|
Priority: | major | Milestone: | |
Component: | S2S_CLIENT_SUPPORT | Version: | 2.0 |
Keywords: | server | Cc: | mira |
Category: | S2S | Effort: | |
Importance: | 80 | Ticket_group: | |
Estimated Number of Hours: | 0 | Add Hours to Ticket: | 0 |
Billable?: | yes | Total Hours: | 0 |
Analysis_owners: | dido | Design_owners: | mira |
Imp._owners: | mira | Test_owners: | |
Analysis_reviewers: | Changelog: | Changelog | |
Design_reviewers: | pap | Imp._reviewers: | pap, todor, deyan |
Test_reviewers: | Analysis_score: | 4 | |
Design_score: | 3 | Imp._score: | 3 |
Test_score: | 0 |
Description (last modified by deyan) (diff)
The goal of this task is to determine the behavior of the application during downloading resources from the server via Sophie client.
- Inside the server resources palette user should see only books that he has read or read&write rights over them. No other items should present at this point.
- [OPTIONAL] Visual indication should appear that shows what are the rights of the user over the resource. Add second icon for that after the label (right side) inside the list item.
- When the user have only read rights for a book:
- The book should be opened inside preview mode in Sophie Author. The edit button should not be available. For now to refresh the content, the user should close the book and open it again.
- When the user open book from Sophie Reader there won't be any differences between books that he have read or read&write rights over them.
- Opening a book that has linked book inside it, and the user didn't have rights over the linked one - should display the frame, but instead the original content we should display message. The message should inform the user that the resource is not visible.
- Use the following text for this message - "Sophie was not able to display this book, because you don't have read rights over it."
- The message should have warning icon on the left side.
- This should be for both Sophie Author and Sophie Reader
Related: #2400
Related: #2408
Related: http://sophie2.org/trac/wiki/ServerOverview
Change History
comment:2 Changed 15 years ago by dido
- Owner set to dido
- Status changed from new to s1a_analysis_started
comment:4 Changed 15 years ago by dido
- Status changed from s1a_analysis_started to s1b_analysis_finished
- Description modified (diff)
comment:5 Changed 15 years ago by deyan
- Status changed from s1b_analysis_finished to s1c_analysis_ok
- Description modified (diff)
- Analysis_score changed from 0 to 4
comment:6 Changed 15 years ago by mira
- Owner changed from dido to mira
- Status changed from s1c_analysis_ok to s2a_design_started
comment:7 Changed 15 years ago by mira
- Design_owners set to mira
- Status changed from s2a_design_started to s2b_design_finished
This task is going to handle both - uploading and downloading books with read/write permitions. (see #2400)
Permissions
- In the base.model.resources.r4 module make a SecurityPermission enum. It should be used to represent the permissions over access to a sophie resources. For now it would contain only READ and WRITE elements, but we could descide to add MANAGE permissions.
- In the ResourceR4 class add additional simple key - KEY_SECURITY that keeps a ImmMap ot ResourceRefR4 to SecurityPermissions. It would contain refs to the users and groups that have granted rights to view or manipulate this resource.
Users
- In the GroupH make a getter for the default group by the usersAccess. This is ResourceAccess to the './users' directory of every server. If the group is not created it should create it at './users/Def_Group'.
- The makeUser method of the UserH should set the KEY_GROUPS to an ImmList with one element- the default group.
Set permissions
Update the ServerDialog to provide options for choosing other users permissions.
- On uploading books on server in the KEY_SECURITY shoupd be set two entries:
- one for the user that uploads the book - WRITE permissions.
- one for other users (represented by the group ref - './users/Def_Group'). The permission is got by the new dialog.
- Then the book is uploaded the same way.
Check Permissions
- Add filter to the resources palette for showing only the allowed books, those are the books the connected user has read or write permissions for.
- When opening a readonly book, open it in preview mode.
- Add assertion on the server doChange method for registering changes by a user that has no permission to.
comment:8 Changed 15 years ago by pap
- Status changed from s2b_design_finished to s2c_design_ok
- Design_score changed from 0 to 3
- Design_reviewers set to pap
- No design related code
- Nothing about user interface
- This about groups in the users directory sounds a bit strange.
- I don't like "Def_Group". You tend to use too much shortened words in all your code and explanations.
- This design doesn't actually describe how it will cover the requirements in #2400.
- Maybe the assertion you mentioned should be on some other place. Also make sure to put assertions where you want caller methods to make sure a condition is met.
comment:9 Changed 15 years ago by mira
- Status changed from s2c_design_ok to s3a_implementation_started
- Imp._owners set to mira
comment:10 Changed 15 years ago by mira
- Status changed from s3a_implementation_started to s3b_implementation_finished
The implementation is done according to the desing in branches/private/mira/security
There was a small problem with consistency of absolute references, since users could be connected to '10.10.117.2' or 'straxil.asteasolutions.net' or 'localhost'. So the permissions are kept by relative refs.
Until now if there are two connections to the same server, the palette always opened the first one`s resources. I made the palette to keep sessionIds along with the resource ref.
comment:11 Changed 15 years ago by meddle
- Status changed from s3b_implementation_finished to s3c_implementation_ok
- Imp._score changed from 0 to 3
- Imp._reviewers set to pap
- Constants in MasterTopAcccess are not final
- AutoAction's message should have its key as a constant. No strings should be written directly in the Message.create. UserGroupH, ServersTabLogic
- Having constants named DEF_GROUP_NAME and DEFAULT_GROUP_NAME in UserGroupR4 is quite a bad idea.
- Anonymous user ref equals none ref. Isn't this bad.
- UserGroupH.makeNewGroup has a description that it creates a new user. Also it creates the one and only default group and not some new group.
- The JavaDoc of SaveToServerDialog.Input is incorrect.
3p
comment:12 Changed 15 years ago by meddle
- Imp._reviewers changed from pap to pap, todor, deyan
Merged to the trunk at [9150]
comment:13 Changed 13 years ago by meddle
- Status changed from s3c_implementation_ok to closed
- Resolution set to obsolete
Closing all the tickets before M Y1