Presentation is loading. Please wait.

Presentation is loading. Please wait.

Creative Commons Attribution- NonCommercial-ShareAlike 2.5 License Sakai Programmer's Café Sakai Montreal CRIM Workshop Intro Sakai Auth Permissions Aaron.

Published byPatience Rolf Modified over 10 years ago

Similar presentations

Presentation on theme: "Creative Commons Attribution- NonCommercial-ShareAlike 2.5 License Sakai Programmer's Café Sakai Montreal CRIM Workshop Intro Sakai Auth Permissions Aaron."— Presentation transcript:

1 Creative Commons Attribution- NonCommercial-ShareAlike 2.5 License Sakai Programmer's Café Sakai Montreal CRIM Workshop Intro Sakai Auth Permissions Aaron Zeckoski azeckoski@gmail.com

2 2 Sakai authorization Handled via a set of permissions which are tied to roles in sites typically –Examples site.add - Can add a new site annc.delete.any - Can remove any announcement Roles are like positions in a group –Instructor –Maintain –Student

3 3 Sites and contexts In Sakai, a user group is called a site –Courses, project sites, groups However, there is a generic idea of a context which indicates the location of the user currently –This is what we will check against when checking permissions Each context has a reference which is what we will use for perm checks String siteRef = siteService.siteReference(siteId);

4 4 Creating new permissions Register new permissions using the Sakai FunctionManager –Call to registerFunction –Often done in the init method of a bean in the logic layer (recommended) Registered permissions will appear in the list perms in the Realms admin tool in Sakai URL: http://bugs.sakaiproject.org/confluence/display/BOOT/Using+the+FunctionManager+Servicehttp://bugs.sakaiproject.org/confluence/display/BOOT/Using+the+FunctionManager+Service public final static String ITEM_WRITE_ANY = myappitem.write.any"; functionManager.registerFunction(ITEM_WRITE_ANY);

5 5 Checking a permission The Sakai SecurityService is used to do permission checks –userId - The internal Sakai user identifier Not the username (eid) –Perm - The registered permission Using the FunctionManager –sakaiRef - The entity reference Probably a site reference Not the entityId, siteId, or groupId Returns a boolean true if user has the permission in the reference securityService.unlock(userId, ITEM_WRITE_ANY, sakaiRef) URL: http://bugs.sakaiproject.org/confluence/display/BOOT/Using+the+SecurityServicehttp://bugs.sakaiproject.org/confluence/display/BOOT/Using+the+SecurityService

6 6 Checking for super admin Check if the user is a super admin in the current Sakai instance –userId is the internal Sakai user id Not the username Returns true if the user is a super admin securityService.isSuperUser(userId) URL: http://bugs.sakaiproject.org/confluence/display/BOOT/Using+the+SecurityServicehttp://bugs.sakaiproject.org/confluence/display/BOOT/Using+the+SecurityService

7 7 Setting permissions Use the Realms tool in the administration workspace to set permissions for roles –Must be a super admin

8 8 Setting permissions (contd) Search for the site (by id) or modify the !site.template –Modifying the site template only affects sites created after the modification

9 9 Setting permissions (contd) Select the role you want to modify –Maintain - a site maintainer (like instructor) –Access - a site user (like student)

10 10 Setting permissions (contd) Check boxes to add permissions for this role or uncheck to remove them –Done and Save both save the changes

11 11 Sakai Entities Permissions are associated with entities in Sakai –Entities include sites, users, announcements, etc. When we are checking a permission related to a reference it is actually an entity reference –This can be confusing so it is best to think of it as related to sites and contexts at first

12 12 Questions? More information in the Sakai Collab whitepapers in the DG: Development site

Download ppt "Creative Commons Attribution- NonCommercial-ShareAlike 2.5 License Sakai Programmer's Café Sakai Montreal CRIM Workshop Intro Sakai Auth Permissions Aaron."

Similar presentations

From the eyes of an Administrator A general overview of e-CFunds Administrative Site, including navigation and exploring the features of this powerful.

From the eyes of an Administrator A general overview of e-CFunds Administrative Site, including navigation and exploring the features of this powerful.
HippoCampus A Free Educational Resource for Teachers.

HippoCampus A Free Educational Resource for Teachers.
San Juan College Bookstore February 2010 Faculty Edition.

San Juan College Bookstore February 2010 Faculty Edition.
Training Course: Task List. Agenda Overview of the Task List Screen Icons across the top Making Appointments Viewing Appointments & Filters Working Your.

Training Course: Task List. Agenda Overview of the Task List Screen Icons across the top Making Appointments Viewing Appointments & Filters Working Your.
Eric J. Oszakiewski MCTS: SharePoint Application Development SharePoint Configuration.

Eric J. Oszakiewski MCTS: SharePoint Application Development SharePoint Configuration.
Creative Commons Attribution- NonCommercial-ShareAlike 2.5 License Sakai Programmer's Café Sakai development tips Aaron Zeckoski

Creative Commons Attribution- NonCommercial-ShareAlike 2.5 License Sakai Programmer's Café Sakai development tips Aaron Zeckoski
Creative Commons Attribution- NonCommercial-ShareAlike 2.5 License Sakai Programmer's Café Sakai Tool Naming Tips Aaron Zeckoski

Creative Commons Attribution- NonCommercial-ShareAlike 2.5 License Sakai Programmer's Café Sakai Tool Naming Tips Aaron Zeckoski
iStar How to Create an Amendment

iStar How to Create an Amendment
Delegated Admin Tool Add User Training Module. Honeywell Proprietary Honeywell.com  2 Document control number Accessing Delegated Admin Tool To access.

Delegated Admin Tool Add User Training Module. Honeywell Proprietary Honeywell.com  2 Document control number Accessing Delegated Admin Tool To access.
Delegated Admin Tool Edit User Profile Training Module.

Delegated Admin Tool Edit User Profile Training Module.
Extended DISC Online System User Instruction: How to Run a Work Pairing.

Extended DISC Online System User Instruction: How to Run a Work Pairing.
Design Issues for General-Purpose Adaptive Hypermedia Systems Hongjing Wu, Erik de Kort, Paul De Bra Eindhoven University of Technology The Netherlands.

Design Issues for General-Purpose Adaptive Hypermedia Systems Hongjing Wu, Erik de Kort, Paul De Bra Eindhoven University of Technology The Netherlands.
KS Authorization Weixia (Bonnie) Huang Feb 19, 2013.

KS Authorization Weixia (Bonnie) Huang Feb 19, 2013.
CHAPTER 10 COMMON PROGRAMMING TECHNIQUES. SENDING VALUES TO A SCRIPT Hidden form input type: Depending on the method, $_POST['do'] or $_GET['do'] will.

CHAPTER 10 COMMON PROGRAMMING TECHNIQUES. SENDING VALUES TO A SCRIPT Hidden form input type: Depending on the method, $_POST['do'] or $_GET['do'] will.
Lesson 3: Managing User Access and Security (Cache Administrators only)

Lesson 3: Managing User Access and Security (Cache Administrators only)
Tutorial EBSCOadmin User Groups support.ebsco.com.

Tutorial EBSCOadmin User Groups support.ebsco.com.
Leverage Blackboard Web Services

Leverage Blackboard Web Services
Cisco Confidential 1 © 2013-2014 Cisco and/or its affiliates. All rights reserved. Last Updated: April 2014 Instructions for Navigating in the Training.

Cisco Confidential 1 © Cisco and/or its affiliates. All rights reserved. Last Updated: April 2014 Instructions for Navigating in the Training.
Linking External Tools with Sakai David Ross Educational Technology, Albany Medical College.

Linking External Tools with Sakai David Ross Educational Technology, Albany Medical College.
Creative Commons Attribution- NonCommercial-ShareAlike 2.5 License Sakai Programmers’ Café Sakai NWU Workshop, South Africa Recap of Sakai Services Antranig.

Creative Commons Attribution- NonCommercial-ShareAlike 2.5 License Sakai Programmers’ Café Sakai NWU Workshop, South Africa Recap of Sakai Services Antranig.

Similar presentations

Ads by Google