1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<TITLE> [Mageia-sysadm] LDAP group for translator, delegation
</TITLE>
<LINK REL="Index" HREF="index.html" >
<LINK REL="made" HREF="mailto:mageia-sysadm%40mageia.org?Subject=Re%3A%20%5BMageia-sysadm%5D%20LDAP%20group%20for%20translator%2C%20delegation&In-Reply-To=%3C201102201711.50012.bgmilne%40staff.telkomsa.net%3E">
<META NAME="robots" CONTENT="index,nofollow">
<META http-equiv="Content-Type" content="text/html; charset=us-ascii">
<LINK REL="Previous" HREF="002790.html">
<LINK REL="Next" HREF="002817.html">
</HEAD>
<BODY BGCOLOR="#ffffff">
<H1>[Mageia-sysadm] LDAP group for translator, delegation</H1>
<B>Buchan Milne</B>
<A HREF="mailto:mageia-sysadm%40mageia.org?Subject=Re%3A%20%5BMageia-sysadm%5D%20LDAP%20group%20for%20translator%2C%20delegation&In-Reply-To=%3C201102201711.50012.bgmilne%40staff.telkomsa.net%3E"
TITLE="[Mageia-sysadm] LDAP group for translator, delegation">bgmilne at staff.telkomsa.net
</A><BR>
<I>Sun Feb 20 16:11:49 CET 2011</I>
<P><UL>
<LI>Previous message: <A HREF="002790.html">[Mageia-sysadm] LDAP group for translator, delegation
</A></li>
<LI>Next message: <A HREF="002817.html">[Mageia-sysadm] LDAP group for translator, delegation
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#2795">[ date ]</a>
<a href="thread.html#2795">[ thread ]</a>
<a href="subject.html#2795">[ subject ]</a>
<a href="author.html#2795">[ author ]</a>
</LI>
</UL>
<HR>
<!--beginarticle-->
<PRE>On Saturday, 19 February 2011 17:07:28 Michael Scherer wrote:
><i> Hi,
</I>><i>
</I>><i> After the meeting of i18n, where people asked me to come to discuss tx,
</I>><i> I discovered
</I>><i> that it was not working for people outside of me, due to various acl
</I>><i> issues.
</I>><i>
</I>><i> So now this is fixed ( rev 1139 ), there is the question of who should
</I>><i> access transifex.
</I>><i>
</I>><i> Jehane on #mageia-i18N proposed to have the access for each tranlator (
</I>><i> sound good ),
</I>><i> and I proposed to restrict staff/super user privileges to team leader.
</I>><i> ( I do not know yet
</I>><i> what it mean for transifex ).
</I>><i>
</I>><i> First question :
</I>><i>
</I>><i> Should we have 1 big group for that, and let people manage the various
</I>><i> subteams outside
</I>><i> of ldap, or have 1 group per language ?
</I>><i>
</I>><i> 1 big group is easier, and we can delegate the management to 1/2 person
</I>><i> ( ie i18n team leader ).
</I>><i>
</I>><i> Several group is IMHO more scalable, but this requires more work on our
</I>><i> side. And this will not
</I>><i> map to permission on tx and the blog, among others.
</I>><i>
</I>><i> Second question :
</I>><i>
</I>><i> For delegation, I know that some stuff are planned in catdap, but for
</I>><i> the moment do people think
</I>><i> this is ok to place team leader as owner of the group in ldap, and ask
</I>><i> them to use a ldap editor ( for those
</I>><i> that know it, of course ). The connexion should be secured, and the
</I>><i> access should be simple enough, but
</I>><i> we should better check twice
</I>
I have added some initial group editing code. It is available on
<A HREF="https://identity-trunk.mageia.org">https://identity-trunk.mageia.org</A> . If the user logged in to CatDap is a
member of the 'Group Admins' system group, they will see an additional "menu"
item at the top, 'Group Admins'.
By default, the view will show a search box, as well as a list of groups of
which the user is an owner.
A non-Account-admin, whose DN is listed in the owner attribute of the group,
will be able to edit the members and owners of the group.
Account admins can also edit the owners and members of the group. While the
members/owners are displayed with their full DN, they can (only) be added by
username.
Please test it, including users who are not Account Admins.
There is still a lot to do, but it works.
Regards,
Buchan
</PRE>
<!--endarticle-->
<HR>
<P><UL>
<!--threads-->
<LI>Previous message: <A HREF="002790.html">[Mageia-sysadm] LDAP group for translator, delegation
</A></li>
<LI>Next message: <A HREF="002817.html">[Mageia-sysadm] LDAP group for translator, delegation
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#2795">[ date ]</a>
<a href="thread.html#2795">[ thread ]</a>
<a href="subject.html#2795">[ subject ]</a>
<a href="author.html#2795">[ author ]</a>
</LI>
</UL>
<hr>
<a href="https://www.mageia.org/mailman/listinfo/mageia-sysadm">More information about the Mageia-sysadm
mailing list</a><br>
</body></html>
|
