[07:16:48 EST(-0500)] * michelled (n=michelle@CPE001310472ade-CM0011aefd3ca8.cpe.net.cable.rogers.com) has joined ##uportal
[09:02:08 EST(-0500)] * holdorph (n=holdorph@nsit-dhcp-205-208-044-025.uchicago.edu) has joined ##uportal
[09:10:38 EST(-0500)] * EricDalquist (n=dalquist@bohemia.doit.wisc.edu) has joined ##uportal
[09:31:01 EST(-0500)] * jayshao (n=jayshao@204.142.89.148) has joined ##uportal
[10:31:13 EST(-0500)] * athena (n=athena@adsl-75-58-127-15.dsl.wlfrct.sbcglobal.net) has joined ##uportal
[11:16:04 EST(-0500)] * michelled (n=michelle@CPE001310472ade-CM0011aefd3ca8.cpe.net.cable.rogers.com) has joined ##uportal
[11:45:43 EST(-0500)] * colinclark (n=colin@12.157.240.3) has joined ##uportal
[12:03:18 EST(-0500)] * Sememmon (n=Sememmon@unaffiliated/sememmon) has joined ##uportal
[12:30:29 EST(-0500)] <athena> ergh.
[12:31:26 EST(-0500)] <athena> so looking at the permission-granting code, right now the way channels are given permissions is just to assume that what we want to do is grant subscribe permissions on all the selected groups for a channel
[12:32:05 EST(-0500)] <EricDalquist> uhg
[12:32:19 EST(-0500)] <athena> that's not really compatible with what we're trying to do
[12:33:22 EST(-0500)] <EricDalquist> yeah
[12:33:38 EST(-0500)] <athena> i'm not even sure what the interface should look like
[12:33:41 EST(-0500)] * michelled (n=michelle@CPE001310472ade-CM0011aefd3ca8.cpe.net.cable.rogers.com) has joined ##uportal
[12:34:02 EST(-0500)] <athena> do we actually just need a permissions webflow to deal with this?
[12:34:28 EST(-0500)] <EricDalquist> well there are two parts
[12:34:38 EST(-0500)] <EricDalquist> one is having the portlet manager set the permissions
[12:34:49 EST(-0500)] <EricDalquist> based on the workflow steps
[12:34:58 EST(-0500)] <EricDalquist> and having the rendering code do the checks
[12:35:12 EST(-0500)] <EricDalquist> the other is a UI for editing which groups have these permissions
[12:35:15 EST(-0500)] <EricDalquist> right?
[12:35:22 EST(-0500)] <athena> yeah, i suppose that's true
[12:35:39 EST(-0500)] <athena> actually
[12:36:03 EST(-0500)] <athena> not sure that's quite right
[12:36:22 EST(-0500)] <athena> the only permissions the portlet manager can set right now are subscribe ones
[12:36:51 EST(-0500)] <EricDalquist> well it could set additional permissions right?
[12:37:20 EST(-0500)] <athena> depends on what you mean
[12:37:32 EST(-0500)] <athena> yes, it could go through and set the same permissions for each group the user picked
[12:37:36 EST(-0500)] <athena> but that's about it
[12:38:31 EST(-0500)] <EricDalquist> hrm
[12:38:49 EST(-0500)] <EricDalquist> so how does the workflow code track what step a channel is in?
[12:39:38 EST(-0500)] <athena> by examining the approval and publish and expiration dates
[12:40:10 EST(-0500)] <EricDalquist> really what we need is a permission on user groups
[12:40:35 EST(-0500)] <EricDalquist> so something like "Portal Administrators" "Can Render" "Published Portlets"
[12:40:52 EST(-0500)] <EricDalquist> I can't remember if I'm on the right track with how the permissions code works
[12:41:23 EST(-0500)] <athena> yeah, i'm kind of wondering that as well
[12:41:55 EST(-0500)] <EricDalquist> isn't that how the render permission works right now?
[12:42:06 EST(-0500)] <EricDalquist> Group X can render channel Y is what gets stored right?
[12:42:12 EST(-0500)] <athena> yes
[12:42:18 EST(-0500)] <athena> looks like that's true
[12:42:26 EST(-0500)] <EricDalquist> so what I think what we want is more general for now
[12:42:27 EST(-0500)] <athena> so "Everyone" can render "this channel"
[12:42:42 EST(-0500)] <EricDalquist> Group X can render "Published Channels"
[12:42:50 EST(-0500)] <EricDalquist> where Published Channels is just a static key
[12:43:02 EST(-0500)] <EricDalquist> what are the workflow step names again?
[12:43:07 EST(-0500)] <EricDalquist> make sure I'm using the right things
[12:43:07 EST(-0500)] <athena> hm, sort of like the UP.FRAMEWORK one?
[12:43:16 EST(-0500)] <athena> i think created, approved, published, and expired
[12:43:17 EST(-0500)] <EricDalquist> yeah
[12:43:44 EST(-0500)] <EricDalquist> so from what I've seen awills do with permissions that target string is pretty flexible
[12:43:51 EST(-0500)] <athena> so maybe we'd just have a default of "Admins can render approved channels"
[12:44:01 EST(-0500)] <EricDalquist> yeah
[12:44:09 EST(-0500)] <EricDalquist> a few defaults
[12:44:12 EST(-0500)] <athena> and then the group-picking UI would only apply to render permissions?
[12:44:16 EST(-0500)] <EricDalquist> yup
[12:44:26 EST(-0500)] <EricDalquist> I think that is reasonable for now
[12:45:30 EST(-0500)] <athena> k
[12:45:52 EST(-0500)] <athena> i'm wondering if we need to shelve render vs. subscribe for now
[12:46:08 EST(-0500)] <EricDalquist> probably
[12:46:14 EST(-0500)] <EricDalquist> don't want to take on too much
[12:46:23 EST(-0500)] <athena> well, and we don't have the UI to represent it
[12:46:46 EST(-0500)] <athena> so we could automatically set the render and subscribe permissions at the same time
[12:47:09 EST(-0500)] <athena> but then if you changed one of them w/ the permissions manager your settings would be overwritten if you edited the channel again
[12:47:38 EST(-0500)] <EricDalquist> right
[12:48:03 EST(-0500)] <EricDalquist> so I think we just avoid that for now, if we can
[12:48:14 EST(-0500)] <EricDalquist> that being separating the two
[12:48:14 EST(-0500)] <athena> ok
[12:48:21 EST(-0500)] <athena> first things first 
[12:49:16 EST(-0500)] <EricDalquist> yup
[12:49:37 EST(-0500)] <athena> seems like maybe what we want is to be able to set permissions for groups on whole categories of channels
[12:49:37 EST(-0500)] <EricDalquist> oh and my weather portlet demo for fluid doesn't show the issue
[12:49:45 EST(-0500)] <EricDalquist> since we don't have the portal using the reorderer yet
[12:49:46 EST(-0500)] <athena> oh it doesn't?
[12:49:47 EST(-0500)] <EricDalquist> it works fine
[12:49:49 EST(-0500)] <athena> oh
[12:49:56 EST(-0500)] <athena> lol
[12:50:07 EST(-0500)] <EricDalquist> it breaks when it is in a portal that is using the reorder for the UI too
[12:50:11 EST(-0500)] <EricDalquist> well
[12:50:13 EST(-0500)] <EricDalquist> not breaks
[12:50:17 EST(-0500)] <EricDalquist> but gets choppy
[12:50:43 EST(-0500)] <athena> so you think it's an issue of using the list reorderer within the layout reorderer?
[12:50:51 EST(-0500)] <EricDalquist> no idea
[12:50:54 EST(-0500)] <athena> the odd thing is that i think the demo portlet's reorderer works
[13:11:37 EST(-0500)] * colinclark (n=colin@12.157.240.41) has joined ##uportal
[13:31:06 EST(-0500)] * michelled (n=michelle@CPE001310472ade-CM0011aefd3ca8.cpe.net.cable.rogers.com) has joined ##uportal
[13:59:22 EST(-0500)] <athena> can channels inherit permissions from their parent categories, or does the permissions system just not work like that?
[14:00:02 EST(-0500)] <EricDalquist> they can I believe
[14:00:13 EST(-0500)] <EricDalquist> as far as I know the permissions system walks up the tree
[14:05:09 EST(-0500)] <athena> ok
[14:09:12 EST(-0500)] <EricDalquist> oh athena one other thing that I'll be doing for 3.2 is updating to the 2.0.10 of maven-ant-tasks
[14:09:20 EST(-0500)] <EricDalquist> which supports profiles
[14:09:21 EST(-0500)] <EricDalquist> somewhat
[14:09:32 EST(-0500)] <athena> wooo
[14:09:35 EST(-0500)] <EricDalquist> you can add <profile> tags under any other <artifact:> tag
[14:09:36 EST(-0500)] <athena> sucking less!
[14:09:38 EST(-0500)] <athena> lol
[14:09:40 EST(-0500)] <EricDalquist> and enable profiles
[14:09:43 EST(-0500)] <EricDalquist> still not great
[14:09:46 EST(-0500)] <EricDalquist> but better than it way
[14:09:47 EST(-0500)] <EricDalquist> was
[14:09:52 EST(-0500)] <athena> yeah, definitely
[14:09:55 EST(-0500)] <athena> every little bit helps
[14:10:32 EST(-0500)] <athena> so w/ the permissions i'm thinking maybe we want to set some permissions at the All Categories level
[14:10:47 EST(-0500)] <athena> rather than trying to create a new static key
[14:10:48 EST(-0500)] <EricDalquist> probably
[14:11:31 EST(-0500)] <athena> as long as channels can inherit something like "grant render expired channel on all categories" then that shoudl work out
[14:21:21 EST(-0500)] * Sememmon_ (n=Sememmon@m430436d0.tmodns.net) has joined ##uportal
[14:29:59 EST(-0500)] * Sememmon (n=Sememmon@unaffiliated/sememmon) has joined ##uportal
[14:31:38 EST(-0500)] <athena> anyone know why there's both permission and permission_set stuff in the trunk?
[14:31:46 EST(-0500)] <athena> are those different, or is one just older?
[14:31:57 EST(-0500)] <EricDalquist> different styles for the same thing
[14:32:05 EST(-0500)] <EricDalquist> permission_set results in far fewer files
[14:32:23 EST(-0500)] <athena> ah ok
[14:32:39 EST(-0500)] <athena> can you list multiple activities in a set?
[14:33:10 EST(-0500)] <EricDalquist> I can't remember. what do the other sets have multiples of?
[14:33:15 EST(-0500)] <athena> not that
[14:33:19 EST(-0500)] <athena> targets
[14:33:22 EST(-0500)] <EricDalquist> is the activity in the name of the file?
[14:33:32 EST(-0500)] <athena> hm, yeah
[14:33:36 EST(-0500)] <EricDalquist> yeah, then no
[14:33:39 EST(-0500)] <athena> ok
[14:33:47 EST(-0500)] * athena attemtps to be less lazy and try again
[14:33:51 EST(-0500)] <EricDalquist>
[14:38:22 EST(-0500)] <athena> i guess the AuthorizationImpl method is going to have to go get the channel out of the database to see what it's lifecycle state is
[14:38:37 EST(-0500)] <EricDalquist> yeah
[14:38:52 EST(-0500)] <athena> i guess we're probably already caching most of that stuff anyway
[14:38:54 EST(-0500)] <EricDalquist> is there a helper method on the flow helper object it could use?
[14:38:56 EST(-0500)] <EricDalquist> yeah
[14:39:03 EST(-0500)] <EricDalquist> channel defs will be cached
[14:39:16 EST(-0500)] <athena> no, i mean the authorization code that's used by DLM, ChannelManager, etc.
[14:39:44 EST(-0500)] <EricDalquist> ah yeah
[14:39:47 EST(-0500)] <EricDalquist> that will be cached too
[14:40:06 EST(-0500)] <athena> ok
[14:40:12 EST(-0500)] <athena> well hopefully this shouldnt' be too complicated
[14:40:34 EST(-0500)] <athena> just add the channel registry store to the AuthorizationImpl class, and do logic based on the channel's lifecycle state
[14:40:39 EST(-0500)] <athena> then add the permissions
[14:40:43 EST(-0500)] <athena> and that should be most of it, i think
[14:41:38 EST(-0500)] <EricDalquist> does that lifecycle logic already exist somewhere?
[14:41:48 EST(-0500)] <EricDalquist> it would be nice to not have that math in more than one place
[14:44:34 EST(-0500)] <athena> yep
[14:44:52 EST(-0500)] <athena> it's actually a method on the channel definition interface
[14:44:56 EST(-0500)] <athena> getLifecycleState()
[14:44:59 EST(-0500)] <athena> which returns an enum
[14:45:01 EST(-0500)] <EricDalquist> ah nice
[14:45:28 EST(-0500)] <athena> i mean i suppose we could even make the applicable subscribe permission a field on the enum if we wanted
[14:45:36 EST(-0500)] <athena> the enum currently contains the name and the order
[14:45:50 EST(-0500)] <athena> so we can do things like ask if one lifecycle state is "before" another
[14:46:01 EST(-0500)] <EricDalquist> I think that's good enough
[14:46:26 EST(-0500)] <EricDalquist> I'm not sure we want to pollute the enum with subscribe info
[14:46:35 EST(-0500)] <athena> yeah
[14:46:56 EST(-0500)] <athena> for now i've just defined new fields on IPermission
[14:47:47 EST(-0500)] <athena> i don't know if we maybe want to modify the channel implementation to only compute the lifecycle once
[14:47:57 EST(-0500)] <athena> or once until any of the relevant fields are changed
[14:48:07 EST(-0500)] <EricDalquist> you could probably do it once when it is loaded
[14:48:12 EST(-0500)] <athena> yeah
[14:48:33 EST(-0500)] <athena> right now the logic is just in the method itself, which means it would get executed each time we ask what the lifecycle is
[14:48:37 EST(-0500)] <EricDalquist> does the JPA channel def use the @Post annotations at all?
[14:48:39 EST(-0500)] <athena> which is kind of unecessary
[14:48:45 EST(-0500)] <athena> i don't think so
[14:48:53 EST(-0500)] <EricDalquist> take a look at the JPA portlet def
[14:48:53 EST(-0500)] <athena> what does that do?
[14:49:03 EST(-0500)] <EricDalquist> it has a private method with a bunch of @Post* annotations on it
[14:49:04 EST(-0500)] <athena> yep, guess it does
[14:49:08 EST(-0500)] <athena> neat
[14:49:15 EST(-0500)] <EricDalquist> ok, that method gets called after the object is loaded from the DB
[14:49:26 EST(-0500)] <EricDalquist> handy for doing post-populating work
[14:49:31 EST(-0500)] <athena> very cool
[14:49:43 EST(-0500)] <athena> we'd still need to be able to update the lifecycle when the fields that make up that calculation are changed
[14:49:47 EST(-0500)] <EricDalquist> yeah
[14:49:55 EST(-0500)] <athena> maybe add something to the relevant setters?
[14:49:56 EST(-0500)] <EricDalquist> so you probably want another private method that does the calculations
[14:50:01 EST(-0500)] <EricDalquist> yeah
[14:50:05 EST(-0500)] <athena> sounds good to me
[14:50:25 EST(-0500)] <athena> i should add some tests for that logic, too
[14:50:36 EST(-0500)] <athena> i've been having trouble figuring out how to make a lot of these new helpers testable
[14:50:56 EST(-0500)] <athena> since so many of them mostly just wrap static groups and permissions methods
[14:51:01 EST(-0500)] <EricDalquist> uhg yeah
[14:51:07 EST(-0500)] <EricDalquist> that is really hard
[14:51:11 EST(-0500)] <athena> so i feel bad about having no tests, but . . .
[14:51:26 EST(-0500)] <athena> i think that's my biggest complaint about the groups and permissions API right now
[14:52:32 EST(-0500)] <EricDalquist> yeah
[14:52:38 EST(-0500)] <EricDalquist> that is one of the last really painful APIs
[14:52:45 EST(-0500)] <EricDalquist> due to all of the static init it does
[14:52:53 EST(-0500)] <EricDalquist> someday there will be time for it
[14:53:33 EST(-0500)] <athena>
[15:54:18 EST(-0500)] * colinclark (n=colin@12.157.240.41) has joined ##uportal
[16:01:29 EST(-0500)] * colinclark_ (n=colin@12.157.240.3) has joined ##uportal
[16:38:37 EST(-0500)] * colinclark (n=colin@12.157.240.3) has joined ##uportal
[17:23:55 EST(-0500)] <athena> EricDalquist: looks like the new permissions are working
[18:02:15 EST(-0500)] * colinclark (n=colin@12.157.240.41) has joined ##uportal
Manage space
Manage content
Integrations