Minor Hello,
I have been asked to implement POSIX group support in Nuxeo. We use the RFC 2307 schema [1]. This patchs only touches LDAPReference.java. It extends the staticAttribute option with a new boolean option called staticAttributeIsId where a true value indicates the content of the staticAttributeId field is the Id of an LDAP object instead of a DN.
<ldapReference field="members"
directory="userDirectory"
forceDnConsistencyCheck="false"
staticAttributeId="memberUid"
staticAttributeIsId="true" />
The patch is mostly working on my side. I can view, add and remove users from groups, and add and remove groups from users. My current version of the patch is attached to this message and was pushed to a personnal Hg repository [2]. I have not submitted a bug report on this because I'm stumbling on an unrelated problem.
The POSIX group object doesn't support subGroups but Nuxeo seems to expect to find subGroups in a group definition. If I don't add a dummy reference such as this one, Nuxeo crashed in various ways, all related to the missing subGroups link.
<!-- This doesn't make sense but I need that to test the patch -->
<ldapReference field="subGroups"
directory="groupDirectory"
staticAttributeId="memberUid"
forceDnConsistencyCheck="false"
staticAttributeIsId="false" />
Is there are way to tell Nuxeo that the directory doesn't support subGroups, that may have escaped me? I can take a stab at implementing this feature but since it spans several module in Nuxeo, from views to document model, I would like to know if there isn't an easy way to do that first.
[1] http://www.ietf.org/rfc/rfc2307.txt
[2] https://bitbucket.org/fdgonthier/nuxeo-services-patches
