Search Results

Search found 7445 results on 298 pages for 'admin rights'.

Page 2/298 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • Django Admin Page missing CSS

    - by super9
    I saw this question and recommendation from Django Projects here but still can't get this to work. My Django Admin pages are not displaying the CSS at all. This is my current configuration. settings.py ADMIN_MEDIA_PREFIX = '/media/admin/' httpd.conf <VirtualHost *:80> DocumentRoot /home/django/sgel ServerName ec2-***-**-***-***.ap-**********-1.compute.amazonaws.com ErrorLog /home/django/sgel/logs/apache_error.log CustomLog /home/django/sgel/logs/apache_access.log combined WSGIScriptAlias / /home/django/sgel/apache/django.wsgi <Directory /home/django/sgel/media> Order deny,allow Allow from all </Directory> <Directory /home/django/sgel/apache> Order deny,allow Allow from all </Directory> LogLevel warn Alias /media/ /home/django/sgel/media/ </VirtualHost> <VirtualHost *:80> ServerName sgel.com Redirect permanent / http://www.sgel.com/ </VirtualHost> In addition, I also ran the following to create (I think) the symbolic link ln -s /home/djangotest/sgel/media/admin/ /usr/lib/python2.6/site-packages/django/contrib/admin/media/ UPDATE In my httpd.conf file, User django Group django When I run ls -l in my /media directory drwxr-xr-x 2 root root 4096 Apr 4 11:03 admin -rw-r--r-- 1 root root 9 Apr 8 09:02 test.txt Should that root user be django instead? UPDATE 2 When I enter ls -la in my /media/admin folder total 12 drwxr-xr-x 2 root root 4096 Apr 13 03:33 . drwxr-xr-x 3 root root 4096 Apr 8 09:02 .. lrwxrwxrwx 1 root root 60 Apr 13 03:33 media -> /usr/lib/python2.6/site-packages/django/contrib/admin/media/ The thing is, when I navigate to /usr/lib/python2.6/site-packages/django/contrib/admin/media/, the folder was empty. So I copied the CSS, IMG and JS folders from my Django installation into /usr/lib/python2.6/site-packages/django/contrib/admin/media/ and it still didn't work

    Read the article

  • Limit foreign key choices in select in an inline form in admin

    - by mightyhal
    Edited :-) Hopefully a bit clearer now. The logic is of the model is: A Building has many Rooms A Room may be inside another Room (a closet, for instance--ForeignKey on 'self') A Room can only in inside of another Room in the same building (this is the tricky part) Here's the code I have: #spaces/models.py from django.db import models class Building(models.Model): name=models.CharField(max_length=32) def __unicode__(self): return self.name class Room(models.Model): number=models.CharField(max_length=8) building=models.ForeignKey(Building) inside_room=models.ForeignKey('self',blank=True,null=True) def __unicode__(self): return self.number and: #spaces/admin.py from ex.spaces.models import Building, Room from django.contrib import admin class RoomAdmin(admin.ModelAdmin): pass class RoomInline(admin.TabularInline): model = Room extra = 2 class BuildingAdmin(admin.ModelAdmin): inlines=[RoomInline] admin.site.register(Building, BuildingAdmin) admin.site.register(Room) The inline will display only rooms in the current building (which is what I want). The problem, though, is that for the inside_room drop down, it displays all of the rooms in the Rooms table (including those in other buildings). In the inline of rooms, I need to limit the inside_room choices to only rooms which are in the current building being displayed by the main form. I can't figure out a way to do it with either a limit_choices_to in the model, nor can I figure out how exactly to override the admin's inline formset properly (I feel like I should be somehow create a custom inline form, pass the building_id of the main form to the custom inline, then limit the queryset for the field's choices based on that--but I just can't wrap my head around how to do it). Maybe this is too complex for the admin site, but it seems like something that would be generally useful... Thanks again for your help!

    Read the article

  • Rails rspec expects Admin::PostsController, which is there.

    - by berkes
    I have a file app/controllers/admin/posts_controller.rb class Admin::PostsController < ApplicationController layout 'admin' # GET /admin/posts def index @pposts = Post.paginate :page => params[:page], :order => 'created_at DESC' end # ...Many more standard CRUD/REST methods... end And an rspec test spec/controllers/admin/posts_controller_spec.rb require 'spec_helper' describe Admin::PostsController do describe "GET 'index'" do it "should be successful" do get 'index' response.should be_success end end #...many more test for all CRUD/REST methods end However, running that spec throws an error. I have no idea what that error means, nor how to start solving it. /home/...../active_support/dependencies.rb:492:in `load_missing_constant': Expected /home/...../app/controllers/admin/posts_controller.rb to define Admin::PostsController (LoadError) I may have it all set up wrong, or may be doing something really silly, but all I want is my CRUD actions on /admin, with separate before filters and a separate layout. And to test these controllers. EDIT ZOMG, made a terrible copy-paste error into this SO posting. The controller was PostsController, not the PagesController that I pasted into there. Problem still stands, as my code is correct, just the SO post, here was wrong.

    Read the article

  • Django not recognizing django admin urls

    - by colorfulgrayscale
    I just registered my models my models with django admin. I navigate to the django admin at /admin. I log in sucessfully and I can see all my models. great so far. But now if I try to click one of the links, for Ex: 'users', django gives me a 404 saying The current URL, admin/auth/user/, didn't match any of these. Its really weird because in my urls.py I have it mapped correctly (r'^admin/', include(admin.site.urls)), I have all the required middleware enabled and have these in my installed apps 'django.contrib.auth', 'django.contrib.contenttypes', 'django.contrib.sessions', 'django.contrib.sites', 'django.contrib.messages', 'django.contrib.admin', anyone have any idea? Thanks.

    Read the article

  • Cannot Extend Django 1.2.1 Admin Template

    - by jcady
    I am attempting to override/extend the header for the Django admin in version 1.2.1. However when I try to extend the admin template and simply change what I need documented here: http://docs.djangoproject.com/en/dev/ref/contrib/admin/#overriding-vs-replacing-an-admin-template), I run into a recursion problem. I have an index.html file in my project's templates/admin/ directory that starts with {% extends "admin/index.html" %} But it seems that this is referencing the local index file (a.k.a. itself) rather than the default Django copy. I want to extend the default Django template and simply change a few blocks. When I try this file, I get a recursion depth error. How can I extend parts of the admin? Thanks.

    Read the article

  • django admin gives warning "Field 'X' doesn't have a default value"

    - by noam
    I have created two models out of an existing legacy DB , one for articles and one for tags that one can associate with articles: class Article(models.Model): article_id = models.AutoField(primary_key=True) text = models.CharField(max_length=400) class Meta: db_table = u'articles' class Tag(models.Model): tag_id = models.AutoField(primary_key=True) tag = models.CharField(max_length=20) article=models.ForeignKey(Article) class Meta: db_table = u'article_tags' I want to enable adding tags for an article from the admin interface, so my admin.py file looks like this: from models import Article,Tag from django.contrib import admin class TagInline(admin.StackedInline): model = Tag class ArticleAdmin(admin.ModelAdmin): inlines = [TagInline] admin.site.register(Article,ArticleAdmin) The interface looks fine, but when I try to save, I get: Warning at /admin/webserver/article/382/ Field 'tag_id' doesn't have a default value

    Read the article

  • Django: Using 2 different AdminSite instances with different models registered

    - by omat
    Apart from the usual admin, I want to create a limited admin for non-staff users. This admin site will have different registered ModelAdmins. I created a folder /useradmin/ in my project directory and similar to contrib/admin/_init_.py I added an autodiscover() which will register models defined in useradmin.py modules instead of admin.py: # useradmin/__init__.py def autodiscover(): # Same as admin.autodiscover() but registers useradmin.py modules ... for app in settings.INSTALLED_APPS: mod = import_module(app) try: before_import_registry = copy.copy(site._registry) import_module('%s.useradmin' % app) except: site._registry = before_import_registry if module_has_submodule(mod, 'useradmin'): raise I also cretated sites.py under useradmin/ to override AdminSite similar to contrib/admin/sites: # useradmin/sites.py class UserAdminSite(AdminSite): def has_permission(self, request): # Don't care if the user is staff return request.user.is_active def login(self, request): # Do the login stuff but don't care if the user is staff if request.user.is_authenticated(): ... else: ... site = UserAdminSite(name='useradmin') In the project's URLs: # urls.py from django.contrib import admin import useradmin admin.autodiscover() useradmin.autodiscover() urlpatterns = patterns('', (r'^admin/', include(admin.site.urls)), (r'^useradmin/', include(useradmin.site.urls)), ) And I try to register different models in admin.py and useradmin.py modules under app directories: # products/useradmin.py import useradmin class ProductAdmin(useradmin.ModelAdmin): pass useradmin.site.register(Product, ProductAdmin) But when registering models in useradmin.py like useradmin.site.register(Product, ProductAdmin), I get 'module' object has no attribute 'ModelAdmin' exception. Though when I try this via shell; import useradmin from useradmin import ModelAdmin does not raise any exception. Any ideas what might be wrong? Edit: I tried going the @Luke way and arranged the code as follows as minimal as possible: (file paths are relative to the project root) # admin.py from django.contrib.admin import autodiscover from django.contrib.admin.sites import AdminSite user_site = AdminSite(name='useradmin') # urls.py (does not even have url patterns; just calls autodiscover()) import admin admin.autodiscover() # products/admin.py import admin from products.models import Product admin.user_site.register(Product) As a result I get an AttributeError: 'module' object has no attribute 'user_site' when admin.user_site.register(Product) in products/admin.py is called. Any ideas? Solution: I don't know if there are better ways but, renaming the admin.py in the project root to useradmin.py and updating the imports accordingly resolved the last case, which was a naming and import conflict.

    Read the article

  • Error cloning gitosis-admin on new setup

    - by michaelmior
    I have the following in my gitosis.conf. (Created via gitsosis-init < id_rsa.pub with the key from my laptop) [gitosis] loglevel = DEBUG [group gitosis-admin] writable = gitosis-admin members = michael@laptop When I try git clone git@SERVER:gitsos-admin.git, I get the following errors: Initialized empty Git repository in /home/michael/gitsos-admin/.git/ DEBUG:gitosis.serve.main:Got command "git-upload-pack 'gitsos-admin.git'" DEBUG:gitosis.access.haveAccess:Access check for 'michael@laptop' as 'writable' on 'gitsos-admin.git'... DEBUG:gitosis.access.haveAccess:Stripping .git suffix from 'gitsos-admin.git', new value 'gitsos-admin' DEBUG:gitosis.group.getMembership:found 'michael@laptop' in 'gitosis-admin' DEBUG:gitosis.access.haveAccess:Access check for 'michael@laptop' as 'writeable' on 'gitsos-admin.git'... DEBUG:gitosis.access.haveAccess:Stripping .git suffix from 'gitsos-admin.git', new value 'gitsos-admin' DEBUG:gitosis.group.getMembership:found 'michael@laptop' in 'gitosis-admin' DEBUG:gitosis.access.haveAccess:Access check for 'michael@laptop' as 'readonly' on 'gitsos-admin.git'... DEBUG:gitosis.access.haveAccess:Stripping .git suffix from 'gitsos-admin.git', new value 'gitsos-admin' DEBUG:gitosis.group.getMembership:found 'michael@laptop' in 'gitosis-admin' ERROR:gitosis.serve.main:Repository read access denied fatal: The remote end hung up unexpectedly I know my key is being accepted because I have tried logging in via SSH and although a terminal won't be allocated, the authorization works.

    Read the article

  • input_formats in django admin has no effect

    - by pablo
    I'm trying to use input_foramts in the admin but it has no effect. What am I doing wrong? # model class Feedback(models.Model): created_at = models.DateTimeField(auto_now_add=True) # admin form class FeedbackAdminForm(forms.ModelForm): created_at = forms.DateTimeField(input_formats=('%d/%m/%Y',)) class Meta: model = Feedback # admin class FeedbackAdmin(admin.ModelAdmin): form = FeedbackAdminForm admin.site.register(Feedback, FeedbackAdmin) Thanks

    Read the article

  • Rights Expiry Options in IRM 11g

    - by martin.abrahams
    Among the many enhancements in IRM 11g, we have introduced a couple of new rights expiry options that may be applied to any role. These options were supported in previous versions, but fell into the "advanced configuration" category. In 11g, the options can be applied simply by selecting a check-box in the properties of a role, as shown by the rather extreme example below, where the role allows access for just two minutes after they are sealed. The new options are: To define a role that expires automatically some period after it is assigned To define a role that evaluates expiry relative to the time that each document is sealed These options supplement the familiar options to allow open-ended access (limited by offline access and the ever-present option to revoke rights at any time) and the option to define time windows with specific start dates and end dates. The value of these options is easiest to illustrate with some publishing examples: You might define a role with a one year expiry to be assigned to users who purchase a one year subscription. For each individual user, the year would be calculated from the time that the role was assigned to them. You might define a role that allows documents to be accessed only for 24 hours from the time that they are published - perhaps as a preview mechanism designed to tempt users to sign up for a full subscription. Upon payment of a full fee, users can simply be reassigned a role that gives them greater access to exactly the same documents. In a corporate environment, you might use such roles for fixed term contractors or for workflows that involve information with a short lifespan, or perhaps as part of a compliance process that requires rights to be formally re-approved at intervals. Being role-based, the time constraints apply to any number of documents - including documents that have not yet been created. For example, a user with a one year subscription would have access to all documents published in the relevant classification during the year without any further configuration. Crucially, unlike other solutions, it is not the documents that expire, but the rights of particular users. Whereas some solutions make documents completely inaccessible for all users after expiry, Oracle IRM can allow some users to continue using documents while other users lose access. Equally crucially, a user whose rights have expired can always be granted fresh rights at any time - for example, because they renew their subscription or because a manager confirms that they still need the rights as part of a corporate compliance process. By applying expiry to rights rather than to documents, Oracle IRM avoids the risk of locking an organization out of its own information.

    Read the article

  • Checking if app can run without admin rights?

    - by overtherainbow
    Hello To get Windows users to log on as regular users instead of admin, I need to check that all their applications run OK with limited rights. Is there an application specifically aimed at checking that an application can run with limited rights, or is SysInternals' Process Monitor what everyone uses for this purpose? Thank you.

    Read the article

  • No access to Windows 2003 admin shares

    - by ARomo
    This is the environment: Several Win 2003 SP 2 servers and several Win XP SP2 & SP3 clients. All in the same LAN. Firewall is disabled everywhere. No recent Windows updates or configuration changes. This is the problem: Since last Thursday, I log on to any other server or workstation as any regular (non-admin) user and I fail to be able to open ADMIN SHARES ONLY (namely \\server1\c$, \\server1\e$ and \\server1\admin$). The error message is: "\server1\c$ is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions. Multiple connections to a server or shared resource by the same user, using more than one user name, are not allowed. Disconnect all previous connections to the server or shared resource and try again." I can, however, open the same shares if I use FQDN or IP address: \\server1.domain.local\c$ \\172.0.0.1\c$ Other shares do not have this issue and I can open them without any issue. Any ideas or suggestion would be truly appreciated. Thank you in advance.

    Read the article

  • Quick guide to Oracle IRM 11g: Classification design

    - by Simon Thorpe
    Quick guide to Oracle IRM 11g indexThis is the final article in the quick guide to Oracle IRM. If you've followed everything prior you will now have a fully functional and tested Information Rights Management service. It doesn't matter if you've been following the 10g or 11g guide as this next article is common to both. ContentsWhy this is the most important part... Understanding the classification and standard rights model Identifying business use cases Creating an effective IRM classification modelOne single classification across the entire businessA context for each and every possible granular use caseWhat makes a good context? Deciding on the use of roles in the context Reviewing the features and security for context roles Summary Why this is the most important part...Now the real work begins, installing and getting an IRM system running is as simple as following instructions. However to actually have an IRM technology easily protecting your most sensitive information without interfering with your users existing daily work flows and be able to scale IRM across the entire business, requires thought into how confidential documents are created, used and distributed. This article is going to give you the information you need to ask the business the right questions so that you can deploy your IRM service successfully. The IRM team here at Oracle have over 10 years of experience in helping customers and it is important you understand the following to be successful in securing access to your most confidential information. Whatever you are trying to secure, be it mergers and acquisitions information, engineering intellectual property, health care documentation or financial reports. No matter what type of user is going to access the information, be they employees, contractors or customers, there are common goals you are always trying to achieve.Securing the content at the earliest point possible and do it automatically. Removing the dependency on the user to decide to secure the content reduces the risk of mistakes significantly and therefore results a more secure deployment. K.I.S.S. (Keep It Simple Stupid) Reduce complexity in the rights/classification model. Oracle IRM lets you make changes to access to documents even after they are secured which allows you to start with a simple model and then introduce complexity once you've understood how the technology is going to be used in the business. After an initial learning period you can review your implementation and start to make informed decisions based on user feedback and administration experience. Clearly communicate to the user, when appropriate, any changes to their existing work practice. You must make every effort to make the transition to sealed content as simple as possible. For external users you must help them understand why you are securing the documents and inform them the value of the technology to both your business and them. Before getting into the detail, I must pay homage to Martin White, Vice President of client services in SealedMedia, the company Oracle acquired and who created Oracle IRM. In the SealedMedia years Martin was involved with every single customer and was key to the design of certain aspects of the IRM technology, specifically the context model we will be discussing here. Listening carefully to customers and understanding the flexibility of the IRM technology, Martin taught me all the skills of helping customers build scalable, effective and simple to use IRM deployments. No matter how well the engineering department designed the software, badly designed and poorly executed projects can result in difficult to use and manage, and ultimately insecure solutions. The advice and information that follows was born with Martin and he's still delivering IRM consulting with customers and can be found at www.thinkers.co.uk. It is from Martin and others that Oracle not only has the most advanced, scalable and usable document security solution on the market, but Oracle and their partners have the most experience in delivering successful document security solutions. Understanding the classification and standard rights model The goal of any successful IRM deployment is to balance the increase in security the technology brings without over complicating the way people use secured content and avoid a significant increase in administration and maintenance. With Oracle it is possible to automate the protection of content, deploy the desktop software transparently and use authentication methods such that users can open newly secured content initially unaware the document is any different to an insecure one. That is until of course they attempt to do something for which they don't have any rights, such as copy and paste to an insecure application or try and print. Central to achieving this objective is creating a classification model that is simple to understand and use but also provides the right level of complexity to meet the business needs. In Oracle IRM the term used for each classification is a "context". A context defines the relationship between.A group of related documents The people that use the documents The roles that these people perform The rights that these people need to perform their role The context is the key to the success of Oracle IRM. It provides the separation of the role and rights of a user from the content itself. Documents are sealed to contexts but none of the rights, user or group information is stored within the content itself. Sealing only places information about the location of the IRM server that sealed it, the context applied to the document and a few other pieces of metadata that pertain only to the document. This important separation of rights from content means that millions of documents can be secured against a single classification and a user needs only one right assigned to be able to access all documents. If you have followed all the previous articles in this guide, you will be ready to start defining contexts to which your sensitive information will be protected. But before you even start with IRM, you need to understand how your own business uses and creates sensitive documents and emails. Identifying business use cases Oracle is able to support multiple classification systems, but usually there is one single initial need for the technology which drives a deployment. This need might be to protect sensitive mergers and acquisitions information, engineering intellectual property, financial documents. For this and every subsequent use case you must understand how users create and work with documents, to who they are distributed and how the recipients should interact with them. A successful IRM deployment should start with one well identified use case (we go through some examples towards the end of this article) and then after letting this use case play out in the business, you learn how your users work with content, how well your communication to the business worked and if the classification system you deployed delivered the right balance. It is at this point you can start rolling the technology out further. Creating an effective IRM classification model Once you have selected the initial use case you will address with IRM, you need to design a classification model that defines the access to secured documents within the use case. In Oracle IRM there is an inbuilt classification system called the "context" model. In Oracle IRM 11g it is possible to extend the server to support any rights classification model, but the majority of users who are not using an application integration (such as Oracle IRM within Oracle Beehive) are likely to be starting out with the built in context model. Before looking at creating a classification system with IRM, it is worth reviewing some recognized standards and methods for creating and implementing security policy. A very useful set of documents are the ISO 17799 guidelines and the SANS security policy templates. First task is to create a context against which documents are to be secured. A context consists of a group of related documents (all top secret engineering research), a list of roles (contributors and readers) which define how users can access documents and a list of users (research engineers) who have been given a role allowing them to interact with sealed content. Before even creating the first context it is wise to decide on a philosophy which will dictate the level of granularity, the question is, where do you start? At a department level? By project? By technology? First consider the two ends of the spectrum... One single classification across the entire business Imagine that instead of having separate contexts, one for engineering intellectual property, one for your financial data, one for human resources personally identifiable information, you create one context for all documents across the entire business. Whilst you may have immediate objections, there are some significant benefits in thinking about considering this. Document security classification decisions are simple. You only have one context to chose from! User provisioning is simple, just make sure everyone has a role in the only context in the business. Administration is very low, if you assign rights to groups from the business user repository you probably never have to touch IRM administration again. There are however some obvious downsides to this model.All users in have access to all IRM secured content. So potentially a sales person could access sensitive mergers and acquisition documents, if they can get their hands on a copy that is. You cannot delegate control of different documents to different parts of the business, this may not satisfy your regulatory requirements for the separation and delegation of duties. Changing a users role affects every single document ever secured. Even though it is very unlikely a business would ever use one single context to secure all their sensitive information, thinking about this scenario raises one very important point. Just having one single context and securing all confidential documents to it, whilst incurring some of the problems detailed above, has one huge value. Once secured, IRM protected content can ONLY be accessed by authorized users. Just think of all the sensitive documents in your business today, imagine if you could ensure that only everyone you trust could open them. Even if an employee lost a laptop or someone accidentally sent an email to the wrong recipient, only the right people could open that file. A context for each and every possible granular use case Now let's think about the total opposite of a single context design. What if you created a context for each and every single defined business need and created multiple contexts within this for each level of granularity? Let's take a use case where we need to protect engineering intellectual property. Imagine we have 6 different engineering groups, and in each we have a research department, a design department and manufacturing. The company information security policy defines 3 levels of information sensitivity... restricted, confidential and top secret. Then let's say that each group and department needs to define access to information from both internal and external users. Finally add into the mix that they want to review the rights model for each context every financial quarter. This would result in a huge amount of contexts. For example, lets just look at the resulting contexts for one engineering group. Q1FY2010 Restricted Internal - Engineering Group 1 - Research Q1FY2010 Restricted Internal - Engineering Group 1 - Design Q1FY2010 Restricted Internal - Engineering Group 1 - Manufacturing Q1FY2010 Restricted External- Engineering Group 1 - Research Q1FY2010 Restricted External - Engineering Group 1 - Design Q1FY2010 Restricted External - Engineering Group 1 - Manufacturing Q1FY2010 Confidential Internal - Engineering Group 1 - Research Q1FY2010 Confidential Internal - Engineering Group 1 - Design Q1FY2010 Confidential Internal - Engineering Group 1 - Manufacturing Q1FY2010 Confidential External - Engineering Group 1 - Research Q1FY2010 Confidential External - Engineering Group 1 - Design Q1FY2010 Confidential External - Engineering Group 1 - Manufacturing Q1FY2010 Top Secret Internal - Engineering Group 1 - Research Q1FY2010 Top Secret Internal - Engineering Group 1 - Design Q1FY2010 Top Secret Internal - Engineering Group 1 - Manufacturing Q1FY2010 Top Secret External - Engineering Group 1 - Research Q1FY2010 Top Secret External - Engineering Group 1 - Design Q1FY2010 Top Secret External - Engineering Group 1 - Manufacturing Now multiply the above by 6 for each engineering group, 18 contexts. You are then creating/reviewing another 18 every 3 months. After a year you've got 72 contexts. What would be the advantages of such a complex classification model? You can satisfy very granular rights requirements, for example only an authorized engineering group 1 researcher can create a top secret report for access internally, and his role will be reviewed on a very frequent basis. Your business may have very complex rights requirements and mapping this directly to IRM may be an obvious exercise. The disadvantages of such a classification model are significant...Huge administrative overhead. Someone in the business must manage, review and administrate each of these contexts. If the engineering group had a single administrator, they would have 72 classifications to reside over each year. From an end users perspective life will be very confusing. Imagine if a user has rights in just 6 of these contexts. They may be able to print content from one but not another, be able to edit content in 2 contexts but not the other 4. Such confusion at the end user level causes frustration and resistance to the use of the technology. Increased synchronization complexity. Imagine a user who after 3 years in the company ends up with over 300 rights in many different contexts across the business. This would result in long synchronization times as the client software updates all your offline rights. Hard to understand who can do what with what. Imagine being the VP of engineering and as part of an internal security audit you are asked the question, "What rights to researchers have to our top secret information?". In this complex model the answer is not simple, it would depend on many roles in many contexts. Of course this example is extreme, but it highlights that trying to build many barriers in your business can result in a nightmare of administration and confusion amongst users. In the real world what we need is a balance of the two. We need to seek an optimum number of contexts. Too many contexts are unmanageable and too few contexts does not give fine enough granularity. What makes a good context? Good context design derives mainly from how well you understand your business requirements to secure access to confidential information. Some customers I have worked with can tell me exactly the documents they wish to secure and know exactly who should be opening them. However there are some customers who know only of the government regulation that requires them to control access to certain types of information, they don't actually know where the documents are, how they are created or understand exactly who should have access. Therefore you need to know how to ask the business the right questions that lead to information which help you define a context. First ask these questions about a set of documentsWhat is the topic? Who are legitimate contributors on this topic? Who are the authorized readership? If the answer to any one of these is significantly different, then it probably merits a separate context. Remember that sealed documents are inherently secure and as such they cannot leak to your competitors, therefore it is better sealed to a broad context than not sealed at all. Simplicity is key here. Always revert to the first extreme example of a single classification, then work towards essential complexity. If there is any doubt, always prefer fewer contexts. Remember, Oracle IRM allows you to change your mind later on. You can implement a design now and continue to change and refine as you learn how the technology is used. It is easy to go from a simple model to a more complex one, it is much harder to take a complex model that is already embedded in the work practice of users and try to simplify it. It is also wise to take a single use case and address this first with the business. Don't try and tackle many different problems from the outset. Do one, learn from the process, refine it and then take what you have learned into the next use case, refine and continue. Once you have a good grasp of the technology and understand how your business will use it, you can then start rolling out the technology wider across the business. Deciding on the use of roles in the context Once you have decided on that first initial use case and a context to create let's look at the details you need to decide upon. For each context, identify; Administrative rolesBusiness owner, the person who makes decisions about who may or may not see content in this context. This is often the person who wanted to use IRM and drove the business purchase. They are the usually the person with the most at risk when sensitive information is lost. Point of contact, the person who will handle requests for access to content. Sometimes the same as the business owner, sometimes a trusted secretary or administrator. Context administrator, the person who will enact the decisions of the Business Owner. Sometimes the point of contact, sometimes a trusted IT person. Document related rolesContributors, the people who create and edit documents in this context. Reviewers, the people who are involved in reviewing documents but are not trusted to secure information to this classification. This role is not always necessary. (See later discussion on Published-work and Work-in-Progress) Readers, the people who read documents from this context. Some people may have several of the roles above, which is fine. What you are trying to do is understand and define how the business interacts with your sensitive information. These roles obviously map directly to roles available in Oracle IRM. Reviewing the features and security for context roles At this point we have decided on a classification of information, understand what roles people in the business will play when administrating this classification and how they will interact with content. The final piece of the puzzle in getting the information for our first context is to look at the permissions people will have to sealed documents. First think why are you protecting the documents in the first place? It is to prevent the loss of leaking of information to the wrong people. To control the information, making sure that people only access the latest versions of documents. You are not using Oracle IRM to prevent unauthorized people from doing legitimate work. This is an important point, with IRM you can erect many barriers to prevent access to content yet too many restrictions and authorized users will often find ways to circumvent using the technology and end up distributing unprotected originals. Because IRM is a security technology, it is easy to get carried away restricting different groups. However I would highly recommend starting with a simple solution with few restrictions. Ensure that everyone who reasonably needs to read documents can do so from the outset. Remember that with Oracle IRM you can change rights to content whenever you wish and tighten security. Always return to the fact that the greatest value IRM brings is that ONLY authorized users can access secured content, remember that simple "one context for the entire business" model. At the start of the deployment you really need to aim for user acceptance and therefore a simple model is more likely to succeed. As time passes and users understand how IRM works you can start to introduce more restrictions and complexity. Another key aspect to focus on is handling exceptions. If you decide on a context model where engineering can only access engineering information, and sales can only access sales data. Act quickly when a sales manager needs legitimate access to a set of engineering documents. Having a quick and effective process for permitting other people with legitimate needs to obtain appropriate access will be rewarded with acceptance from the user community. These use cases can often be satisfied by integrating IRM with a good Identity & Access Management technology which simplifies the process of assigning users the correct business roles. The big print issue... Printing is often an issue of contention, users love to print but the business wants to ensure sensitive information remains in the controlled digital world. There are many cases of physical document loss causing a business pain, it is often overlooked that IRM can help with this issue by limiting the ability to generate physical copies of digital content. However it can be hard to maintain a balance between security and usability when it comes to printing. Consider the following points when deciding about whether to give print rights. Oracle IRM sealed documents can contain watermarks that expose information about the user, time and location of access and the classification of the document. This information would reside in the printed copy making it easier to trace who printed it. Printed documents are slower to distribute in comparison to their digital counterparts, so time sensitive information in printed format may present a lower risk. Print activity is audited, therefore you can monitor and react to users abusing print rights. Summary In summary it is important to think carefully about the way you create your context model. As you ask the business these questions you may get a variety of different requirements. There may be special projects that require a context just for sensitive information created during the lifetime of the project. There may be a department that requires all information in the group is secured and you might have a few senior executives who wish to use IRM to exchange a small number of highly sensitive documents with a very small number of people. Oracle IRM, with its very flexible context classification system, can support all of these use cases. The trick is to introducing the complexity to deliver them at the right level. In another article i'm working on I will go through some examples of how Oracle IRM might map to existing business use cases. But for now, this article covers all the important questions you need to get your IRM service deployed and successfully protecting your most sensitive information.

    Read the article

  • Django Admin: OneToOne Relation as an Inline?

    - by Jim Robert
    I am putting together the admin for a satchmo application. Satchmo uses OneToOne relations to extend the base Product model, and I'd like to edit it all on one page. It is possible to have a OneToOne relation as an Inline? If not, what is the best way to add a few fields to a given page of my admin that will eventually be saved into the OneToOne relation? for example: class Product(models.Model): name = models.CharField(max_length=100) ... class MyProduct(models.Model): product = models.OneToOne(Product) ... I tried this for my admin but it does not work, and seems to expect a Foreign Key: class ProductInline(admin.StackedInline): model = Product fields = ('name',) class MyProductAdmin(admin.ModelAdmin): inlines = (AlbumProductInline,) admin.site.register(MyProduct, MyProductAdmin) Which throws this error: <class 'satchmo.product.models.Product'> has no ForeignKey to <class 'my_app.models.MyProduct'> Is the only way to do this a Custom Form? edit: Just tried the following code to add the fields directly... also does not work: class AlbumAdmin(admin.ModelAdmin): fields = ('product__name',)

    Read the article

  • Local User & Local Admin User Server 2008

    - by Ammo
    Hi I had a test recently and one of the questions was to create a file and local user and give the local user write permission to that file. I created the local user successfully however when I went to add permission to the file it would not find the local user when name was entered correctly, and idea what could have prevented this. Secondly I was asked to create a local admin account and give full permissions to the file, to my knowledge server 2008 has a built in admin account, and neither was the server a domain controller. Could you tell me what you would do in this situation? Many Thanks!

    Read the article

  • Django Admin Actions missing

    - by Andrew C
    One of my Django sites is missing the Django Admin Action bar shown here: http://docs.djangoproject.com/en/dev/ref/contrib/admin/actions/#ref-contrib-admin-actions There is no checkbox next to each row and no Action select box near the top of the page. This is happening on every model. I have several sites running Django 1.1, and they all show the Admin Actions, so it feels like a local configuration issue. Anyone seen this before?

    Read the article

  • Authlogic admin subsite

    - by MrThomas
    Following this tutorial getting the following errors: NameError in Admin/dashboardsController#show uninitialized constant Admin::DashboardsController NameError in Admin sessionController#new uninitialized constant Admin::AdminHelper not sure how to correct this!

    Read the article

  • How to customize a many-to-many inline model in django admin

    - by Jonathan
    I'm using the admin interface to view invoices and products. To make things easy, I've set the products as inline to invoices, so I will see the related products in the invoice's form. As you can see I'm using a many-to-many relationship. In models.py: class Product(models.Model): name = models.TextField() price = models.DecimalField(max_digits=10,decimal_places=2) class Invoice(models.Model): company = models.ForeignKey(Company) customer = models.ForeignKey(Customer) products = models.ManyToManyField(Product) In admin.py: class ProductInline(admin.StackedInline): model = Invoice.products.through class InvoiceAdmin(admin.ModelAdmin): inlines = [FilteredApartmentInline,] admin.site.register(Product, ProductAdmin) The problem is that django presents the products as a table of drop down menus (one per associated product). Each drop down contains all the products listed. So if I have 5000 products and 300 are associated with a certain invoice, django actually loads 300x5000 product names. Also the table is not aesthetic. How can I change it so that it'll just display the product's name in the inline table? Which form should I override, and how?

    Read the article

  • ValueError with multi-table inheritance in Django Admin

    - by jorde
    I created two new classes which inherit model Entry: class Entry(models.Model): LANGUAGE_CHOICES = settings.LANGUAGES language = models.CharField(max_length=2, verbose_name=_('Comment language'), choices=LANGUAGE_CHOICES) user = models.ForeignKey(User) country = models.ForeignKey(Country, null=True, blank=True) created = models.DateTimeField(auto_now=True) class Comment(Entry): comment = models.CharField(max_length=2000, blank=True, verbose_name=_('Comment in English')) class Discount(Entry): discount = models.CharField(max_length=2000, blank=True, verbose_name=_('Comment in English')) coupon = models.CharField(max_length=2000, blank=True, verbose_name=_('Coupon code if needed')) After adding these new models to admin via admin.site.register I'm getting ValueError when trying to create a comment or a discount via admin. Adding entries works fine. Error msg: ValueError at /admin/reviews/discount/add/ Cannot assign "''": "Discount.discount" must be a "Discount" instance. Request Method: GET Request URL: http://127.0.0.1:8000/admin/reviews/discount/add/ Exception Type: ValueError Exception Value: Cannot assign "''": "Discount.discount" must be a "Discount" instance. Exception Location: /Library/Python/2.6/site-packages/django/db/models/fields/related.py in set, line 211 Python Executable: /usr/bin/python Python Version: 2.6.1

    Read the article

  • Django admin.py missing field error

    - by user782400
    When I include 'caption', I get an error saying EntryAdmin.fieldsets[1][1]['fields']' refers to field 'caption' that is missing from the form In the admin.py; I have imported the classes from joe.models import Entry,Image Is that because my class from models.py is not getting imported properly ? Need help in resolving this issue. Thanks. models.py class Image(models.Model): image = models.ImageField(upload_to='joe') caption = models.CharField(max_length=200) imageSrc = models.URLField(max_length=200) user = models.CharField(max_length=20) class Entry(models.Model): image = models.ForeignKey(Image) mimeType = models.CharField(max_length=20) name = models.CharField(max_length=200) password = models.URLField(max_length=50) admin.py class EntryAdmin(admin.ModelAdmin): fieldsets = [ ('File info', {'fields': ['name','password']}), ('Upload image', {'fields': ['image','caption']})] list_display = ('name', 'mimeType', 'password') admin.site.register(Entry, EntryAdmin) admin.site.register(Image)

    Read the article

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >