FakeFAS groups <--> Drupal role

Paul W. Frields stickster at gmail.com
Fri Aug 13 13:41:36 UTC 2010 

On Thu, Aug 12, 2010 at 08:24:06PM -0500, Mike McGrath wrote:
> On Thu, 12 Aug 2010, Paul W. Frields wrote:
> 
> > I've hooked up the following role equivalencies via the AuthFAS plugin
> > for Drupal:
> >
> >   DRUPAL ROLE                   FAKEFAS GROUP
> >   -----------                   -------------
> >   administrator      <---->     cmsadmin
> >   writer	     <---->	cmswriters
> >   editor	     <---->	cmseditors
> >
> 
> Is it easier to use groups internal to Drupal for this purpose or is it
> just as easy either way?

Because of the way I wrote the AuthFAS plugin, it's just as easy
either way.

Basically, Drupal allows you to have an arbitrary number of roles, and
each role can have permissions set such as "can create content," "can
edit their own content," "can edit other people's content," "can
create calendar events"... and so on.

However, there's no easy way in Drupal to have certain people managing
certain roles.  You can either manage them, or you can't.  FAS is much
more capable in that respect.  It's nice to be able to have a few
people in charge of the administrator role, the edtors role, etc.

So the way I wrote the AuthFAS plugin here was to allow a mapping
between a Drupal role and a FAS group.  It's totally easy to make the
mapping.  You just edit the role and on the normal edit screen you now
get a field for a FAS group name to which you can tie it.  So we can
add as many (or as few) as we need for whatever purpose we like.

There's also a single required FAS group mapping, a group to which you
have to belong in order to sign in ('cla_done' for us).

When people sign in to the system, their FAS group memberships are
compared to the existing role<-->FAS group mappings, and their Drupal
roles are altered appropriately to match, before they go through the
final steps of authentication to the system.

-- 
Paul W. Frields                                http://paul.frields.org/
  gpg fingerprint: 3DA6 A0AC 6D58 FEC4 0233  5906 ACDB C937 BD11 3717
  http://redhat.com/   -  -  -  -   http://pfrields.fedorapeople.org/
          Where open source multiplies: http://opensource.com

More information about the logistics mailing list