Hello Yaw,
I received your response to my earlier question regarding passing the
handset id through the server URL.
I would kindly like you to help me understand some of the obstacles
presented so that i can have a work around. I have created an odk backend
and it is working very well.
I am storing my xforms in a database and now I would like to add a security
feature to limit access to specific xforms by different groups.
Regards,
waylon just added some comments to the bug at
http://code.google.com/p/opendatakit/issues/detail?id=81. essentially
if you wait for aggregate to update, you'll get this functionality.
quick hack would be to change collect's submission activity to submit
the imei in the url. then you'd have to hack aggregate to watch for
that imei and return the appropriate set of forms. the change in
collect is pretty trivial, but my guess is that aggregate will be more
work -- i'll leave waylon to confirm.
do you have java programming experience or know developers who can do this?
Collect utilizes the formList servlet in Aggregate to display the list of
forms so you will need to modify the code to look at the imei number in the
request and compare it to an access control list. The change is not too
difficult. I think the hardest issue is having a function call available to
check the imei number to determine what filter should be applied.
In regards to the more general solution for ODK server tools we are waiting
on the new javarosa server standard to be completed as it will add in the
concept of users. Once there is consensus on a standard we will begin to
release a new set of server tools. As part of the new set of server tools we
plan to address this issue by dealing with authentication in terms of users,
groups, and handsets. We plan to implement restrictions on forms and data
based on these these authentication types. If anyone has specific
suggestions, use cases, concerns, etc, you can add comments to issue 81, you
can post things to this thread, or you can address them to Mitch who leading
the charge on the new standards/interfaces for the server tools.
Cheers,
Waylon
waylon just added some comments to the bug at
http://code.google.com/p/opendatakit/issues/detail?id=81. essentially
if you wait for aggregate to update, you'll get this functionality.quick hack would be to change collect's submission activity to submit
the imei in the url. then you'd have to hack aggregate to watch for
that imei and return the appropriate set of forms. the change in
collect is pretty trivial, but my guess is that aggregate will be more
work -- i'll leave waylon to confirm.do you have java programming experience or know developers who can do this?
On Fri, Jun 25, 2010 at 12:07, Capito Joseph capitoj@gmail.com wrote:
Hello Yaw,
I received your response to my earlier question regarding passing the
handset id through the server URL.
I would kindly like you to help me understand some of the obstacles
presented so that i can have a work around. I have created an odk backend
and it is working very well.
I am storing my xforms in a database and now I would like to add a
security
feature to limit access to specific xforms by different groups.
Regards,Joseph Capito