| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
| |
Resources will be stored as JSON, in the (GeoJSON) :feature column.
They are assigned an UUID upon creation if they don't comme with one.
They belong to an Agent.
|
| | |
|
| | |
|
| |
|
|
| |
This is a first version of the application, to go beyond simple authentication.
|
| |
|
|
|
|
|
| |
When using SSO, the Discourse sends a list of the user groups.
We take the opportunity to update Agency information for the user.
This is performed as a background job, as it involves networked
requests to the Discourse, e.g., to verify group ownership...
|
| |
|
|
|
|
|
| |
The Agency class can `grant` and `revoke` roles for a given Agent and User.
Since it is primarily used in context of both an Agent and User, we add
convenience methods so that one can grant or revoke a role simply by passing
the desired role to the instance.
|
| |
|
|
|
|
|
|
|
|
|
| |
The ApplicationController provides a `current_user` method (and
helper) to access the authenticated user (if any).
The WelcomeController provides minimal logic to authenticate
against DiscourseSSO.
Current state is that one can login and logout.
Views need a lot of work.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since IN COMMON is about collective management of data
we're using the concept of Agent to describe a group of
users acting together.
In ActivityPub terms, Agent will be the Actor when manipulating
data, so that any individual User (or application) member of this
Agent will be able to manipulate data on behalf of this Agent.
Therefore a User has many Agencies, and an Agent as well: the
Agency model allows not only to create a joint table between Agents
and Users, but also to manage User roles within the related Agent.
Roles are defined as:
- observer: one who can read and review or flag data
- editor: one who create or edit data
- maintainer: one who can edit data and manage maps
- leader: one who can manage roles
A User may have zero or more roles in an Agent.
A User without a Agency record for a specific Agent will only be
able to 'observe' public data from this Agent.
(Note that this is not currently specified, but matches existing
reflection on Agents)
https://doc.incommon.cc/#agents
|
| |
|
|
|
|
|
|
| |
We're creating a minimal User model that will be filled from SSO.
We also configure Inflections so we can use SSO instead of Sso which
looks weird for a module named after an acronym.
Use Discourse as SSO: https://meta.discourse.org/t/using-discourse-as-a-sso-provider/32974
|
| | |
|
| |
|
