Following the user/client/site relationship (#335254: associates users with clients in an autocomplete field), I would like to see this feature extended to support "types" of users. To quote a comment I made earlier in that issue:

[...] the relation between clients and users should be "qualified" There are different "types" of "users" that have access to the the "client". On the top of my head I can already think of those:

* tech
* billing
* owner

Those can be all the same person, but it's important to have different types of contact for the site so that we contact the right person for various issues (billing is very different from tech issues: the first will receive the bills, the second one maintenance announcements and the like).

I also think that users can have access to multiple clients too. So the relation is actually many to many, and typed. Note that this is also related to #336068: Confirmation e-mails should be sent to client users, not to the client email: that issue is an excellent example of use for the tech contact. The mail should be sent to the tech contact.

CommentFileSizeAuthor
#22 371769_n-to-n.patch11.66 KBanarcat
#21 371769_n-to-n.patch11.41 KBanarcat
#17 371769_n-to-n.patch11.29 KBanarcat
#16 371769_n-to-n.patch11.04 KBanarcat
#10 371769_n-to-n.patch11.37 KBanarcat
#9 371769_n-to-n.patch10.21 KBanarcat
#8 371769_n-to-n.patch8.15 KBanarcat
#5 371769_n-to-n-5.patch7.8 KBmathieu
#4 371769_n-to-n-3.patch5.59 KBmathieu
#3 371769_n-to-n-2.patch5.34 KBmathieu
#1 371769_n-to-n.patch4.6 KBmathieu

Comments

mathieu’s picture

mathieu commented
Status: Active » Needs work
StatusFileSize
new 371769_n-to-n.patch4.6 KB

Here's a first patch - applies to today's version of hosting. Not sure of the last change to hosting_node_grants() .. needs to be tested some more.

anarcat’s picture

anarcat commented

Things to improve:

* the SQL structure changes are only applied in the update_N functions and not in the basic schema
* there is one comment in french

Of course this is a work in progress, but just some things to keep in mind for now.

mathieu’s picture

mathieu commented
StatusFileSize
new 371769_n-to-n-2.patch5.34 KB
mathieu’s picture

mathieu commented
StatusFileSize
new 371769_n-to-n-3.patch5.59 KB

Re-roll that fixes issues raised by anarcat.

mathieu’s picture

mathieu commented
StatusFileSize
new 371769_n-to-n-5.patch7.8 KB

New patch. Allows a user to select a specific client when creating a new site + prevents "devel.module" from breaking the ajax output.

anarcat’s picture

anarcat commented

This will need to be ported since I committed a fix for #442262: access controls broken for site creation in client. Please review.

anarcat’s picture

anarcat commented

Patch rerolled. From my testing, a few things are still missing/broken:

* submitting the user edit form only keeps the last user selected
* no place to set the relation type (not a problem, but if we don't allow changing it, we shouldn't show it either)
* nothing in the client edition form
* paging?
* when logged into a user that only has 'aegir client' and access to a single client, i get this:

    * warning: Invalid argument supplied for foreach() in /var/hostmaster/drupal-5.16/profiles/hostmaster/modules/hosting/site/hosting_site.module on line 231.
    * warning: Invalid argument supplied for foreach() in /var/hostmaster/drupal-5.16/modules/node/node.module on line 561.
    * warning: implode() [function.implode]: Invalid arguments passed in /var/hostmaster/drupal-5.16/modules/node/node.module on line 565.
    * user warning: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1 query: SELECT n.nid, n.vid, n.type, n.status, n.created, n.changed, n.comment, n.promote, n.sticky, r.timestamp AS revision_timestamp, r.title, r.body, r.teaser, r.log, r.format, u.uid, u.name, u.picture, u.data FROM node n INNER JOIN users u ON u.uid = n.uid INNER JOIN node_revisions r ON r.vid = n.vid WHERE in /var/hostmaster/drupal-5.16/includes/database.mysql.inc on line 174.
    * warning: key() [function.key]: Passed variable is not an array or object in /var/hostmaster/drupal-5.16/profiles/hostmaster/modules/hosting/site/hosting_site.module on line 259.

Otherwise access controls seem to work. Of all those problems only the first and the last are real problems right now.

anarcat’s picture

anarcat commented
StatusFileSize
new 371769_n-to-n.patch8.15 KB

Forgot the file.

anarcat’s picture

anarcat commented
Status: Needs work » Needs review
StatusFileSize
new 371769_n-to-n.patch10.21 KB

So I worked around a lot of those issues. We still have to fix this:

* no place to set the relation type (not a problem, but if we don't allow changing it, we shouldn't show it either)
* nothing in the client edition form
* paging?

But this is already useable. I would think it ready for testing.

Note that I remove the call to hook_user_submit() in insert/update because it was called twice (that may not be obvious in the patch...)

anarcat’s picture

anarcat commented
StatusFileSize
new 371769_n-to-n.patch11.37 KB

Fix client creation with automatic user creation.

Add code to allow setting the relationship type.

anarcat’s picture

anarcat commented
Status: Needs review » Needs work

The new user creation form barfs on the hosting_client field not being set, that's rather annoying...

anarcat’s picture

anarcat commented

... and the signup form is broken by the patch: "Please fill in a valid client".

adrian’s picture

adrian commented

This is good code, but I feel it's a bit late in the game to commit this now, especially as this deeply deeply complicates the access permissions.

We'll get this in at the beginning of the 0.3 timeline

adrian’s picture

adrian commented 
anarcat: i wanted to rush it into 0.2 so we could get to work
[02:05am] anarcat: maybe we can get n2n without admin/tech/billing crap
[02:05am] anarcat: just remove the UIs for that
[02:06am] anarcat: Vertice: i really think we should push n2n
[02:06am] anarcat: in 0.2
[02:06am] anarcat: but without the 'type' part
[02:06am] anarcat: what do you think?

I can see it going in without the different access levels.
We just also need an interface for listing the users for each client.

Possibly we also need a permission to allow them to create new users for themselves too =\

adrian’s picture

adrian commented

I don't want to see us focussing too much effort on this, since clients are (for now) still an experimental feature.

anarcat’s picture

anarcat commented
StatusFileSize
new 371769_n-to-n.patch11.04 KB

So. I've rerolled the patch without the UI for 'type' edition. The remaining issues before this hits head:

* fix the signup form
* fix the user creation form

After that, the things that would also be nice to get into the tree:

* list/edit users in clients
* permission for users to create new users for a client
* this goes in pair with an 'edit own clients' permission that would allow users to control the ACL for their clients (as opposed to administer clients, which lets you control any client)

If we commit this, we go beta. If we don't, we go RC.

anarcat’s picture

anarcat commented
Status: Needs work » Needs review
StatusFileSize
new 371769_n-to-n.patch11.29 KB

Here's a reroll that fixes the two critical issues. I think this is ready for a commit.

anarcat’s picture

anarcat commented

A test routine i described on IRC:

12:58:33 <@anarcat> basically, you need to read the issue description but in short:
12:58:47 <@anarcat> this patch allows you to have multiple users per client and multiple clients per user
12:58:50 <+acbot> yeh i did
12:58:59 <@anarcat> (whereas now you only have multiple users per client)
12:59:05 <+acbot> do you have a test routine?
12:59:10 <@anarcat> i would do this:
12:59:13 <@anarcat> 1. create a new user
12:59:22 <@anarcat> 2. associate it with a client (in its edit form)
12:59:32 <@anarcat> 3. create a new client
12:59:38 <@anarcat> 4. add it to the new user
12:59:43 <@anarcat> 5. remove the old client from the user
12:59:46 <@anarcat> 6. add it back
12:59:50 <@anarcat> (this is just testing the form)
13:00:09 <@anarcat> (so now you have new user B, and you're logged in as user A)
13:00:21 <@anarcat> (you have clients C and D, D being the new client you just created)
13:00:35 <@anarcat> 7. create sites for clients C and D, as user A
13:00:53 <@anarcat> now you should have sites for clients C and D, your user A is admin so he should see everything
13:01:02 <+acbot> on point 1) should i grant the user 'aegir client' role?
13:01:03 <@anarcat> your user B should only have access to client D
13:01:08 <@anarcat> (yes)
13:01:20 <@anarcat> so now login as your user B (devel module 'switch user' block helps here)
13:01:30 <@anarcat> and verify that you only see the sites of client B
13:01:40 <@anarcat> client D sorry
13:01:44 <@anarcat> you should also only be able to create sites for client D too
13:01:48 <@anarcat> so
13:01:54 <@anarcat> 8. create a site for client D as user B
13:02:03 <@anarcat> 9. logout and log in as user A
13:02:09 <@anarcat> 10. give access to client C to user B
13:02:12 <@anarcat> 11. login as user B
13:02:26 <@anarcat> 12. create a site for client C and another for client D as user B
13:02:33 <@anarcat> then I guess you're done testing :)
13:02:43 <@anarcat> you should also be able to do all the regular maintenance for the sites
ac’s picture

ac
Primary language English
Location Perth
commented

create -> site gives this:

#
* warning: Invalid argument supplied for foreach() in /var/aegir/drupal-5.17/modules/node/node.module on line 561.
#
    * warning: implode() [function.implode]: Bad arguments. in /var/aegir/drupal-5.17/modules/node/node.module on line 565.
#
    * user warning: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1 query: SELECT n.nid, n.vid, n.type, n.status, n.created, n.changed, n.comment, n.promote, n.sticky, r.timestamp AS revision_timestamp, r.title, r.body, r.teaser, r.log, r.format, u.uid, u.name, u.picture, u.data FROM node n INNER JOIN users u ON u.uid = n.uid INNER JOIN node_revisions r ON r.vid = n.vid WHERE in /var/aegir/drupal-5.17/includes/database.mysqli.inc on line 156.

going to the client page of a new client and pressing the add site tab results in the new site being owned by UID1 client rather than the new client whose node you pressed 'add site' tab on

ac’s picture

ac
Primary language English
Location Perth
commented

If you actually try push on past the error above then you get this error on submission of the site creation form:

 # recoverable fatal error: Object of class stdClass could not be converted to string in /var/aegir/drupal-5.17/includes/bootstrap.inc on line 705.
 # warning: preg_match() expects parameter 2 to be string, object given in /var/aegir/drupal-5.17/includes/bootstrap.inc on line 708.
 # Access denied to client
anarcat’s picture

anarcat commented
StatusFileSize
new 371769_n-to-n.patch11.41 KB

acbot found a few issues with the patch, which should be fixed by this new reroll.

anarcat’s picture

anarcat commented
StatusFileSize
new 371769_n-to-n.patch11.66 KB

Rerolling the patch. This fixes issues with permissions for the admin user, re-enables the 'create site for client X' shortcut and allows the admin to properly bypass access checks for users.

anarcat’s picture

anarcat commented
Status: Needs review » Fixed

I have committed another version of the latest patch, after extensive testing by acbot.

I'm heading for a beta now. The remaining issues here will be raised in other issues.

anarcat’s picture

anarcat commented

Those extra features: #461840: type client/user relationships, #461836: allow users to edit client ACLs for their own clients and create users for their clients and #461834: allow list and edit of users in client nodes.

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.