www-infrastructure-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Graham Leggett <minf...@sharp.fm>
Subject Re: CLAs and LDAP
Date Sat, 06 Dec 2008 13:09:50 GMT
Paul Querna wrote:

> In the ldap schema, we likely need some way to mark someone as having a 
> CLA or not.
> We have a couple ASF members, who have never contributed code before, so 
> while they would be in the ASF members group, they have not signed a CLA 
> -- and therefore should _not_ have access to the public svn code areas.
> Maybe having a CLA is just another group?

There are two approaches you can take with this.

The first is to add an attribute to the person's object, probably with 
something sensible in it like the URL of the CLA. The catch is that you 
need to add something to the schema for this.

The second is to create a group representing people with CLAs on file as 
you suggested. This doesn't require any schema change.

The first option is slightly more work, but allows you to do some cool 
checks-and-balances, such as a script that can ask "do the CLAs within 
everyone's attributes actually exist or have mistakes been made".


View raw message