Hi, I don't think the WFS-Insert could resolve the postgresql function current_setting(). You should insert your user data with SQL.
GeoServers SQL View can resolve current_setting() and can combine/join it with your user data to return only records the current myapp.user should see. Regards, Stefan Am 31.10.2018 um 13:13 schrieb Nanaso: > Hi, > Thanks a lot Stefan for your perfect solution. > I have tested what you mentioned and it works pretty fine. But there > is one remaining issue. That is how to pass the current geoserver's > username to the database? I've a field in the geometries table called > "user_name". It should hold the owner of the record (the user that can > view the record). I need to fill this field with the current geoserver > username. How can I do that? > I tried the following WFS request: > <Insert> > <tst:geometry_table xmlns:tst="tst"> > <geometry xmlns="tst"> > <Point xmlns="http://www.opengis.net/gml"; > srsName="urn:ogc:def:crs:EPSG::4326"> > <pos srsDimension="2">21.958021949698434 > 14.533349892039715</pos> > </Point> > </geometry> > <name>city h</name> > <user_name>current_setting('myapp.user', TRUE)</user_name> > </tst:geometry_table> > </Insert> > But it didn't substitute the username variable with its value. > > Can you help me how to do that using WFS, or whatever other solutions? > > Best regards, > Nanaso > > > > > > > Sent with ProtonMail <https://protonmail.com> Secure Email. > > ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ > On Wednesday, October 31, 2018 12:43 PM, Stefan Overkamp > <[email protected]> wrote: > >> Hi, >> >> "Is it possible to decide which users can access which features in a >> layer?" >> I'm using the following solution for postgis datastore/layer: >> >> * >> set a Session startup SQL (and session close-up SQL) in the >> datastore. This will set a variable with the current GeoServer user. >> e.g. startup "SELECT set_config('myapp.user', >> '${GSUSER,geoserver}', FALSE) >> close-up "SELECT set_config('myapp.user', '', FALSE) >> * >> create a sql view, restricting the returned records with the set >> variable (current_setting('myapp.user', TRUE)) >> normally you would have an additional table in your database with >> mapping of usernames to records/spatial entities >> >> Regards, >> Stefan >> >> >> Am 29.10.2018 um 12:36 schrieb Nanaso via Geoserver-users: >> >>> Hi, >>> Thanks a lot Nuno for your reply. >>> There are two issues: >>> 1- The Geofence extention can satisfy my needs in the following way: >>> I have an attribute in my layer called "user_name", I can check if >>> the logged in username equals to this attribute, then I will allow >>> the logged in user to access this feature, and vise versa. >>> The problem is how to get the current logged in username. Is there >>> an environment varaible that holds the current logged in user? >>> >>> 2- The other issue is regarding installation of Geofence. I've tried >>> to install version 13 of Geofence extention in a Geoserver of >>> version 13, it works fine, but the place where I should enter the >>> CQL filter is not exist. According to the documentation: >>> https://docs.geoserver.org/stable/en/user/community/geofence-server/gui.html#rule-page >>> There should be a place to specify the CQL fitler for read and >>> write. But it looks like this part of the configuration doesn't >>> exist in version 13 of Geofence. >>> I've then tried to install verison 14 of Geofence in a veriosn 14 of >>> Geoserver, but the server failed to launch with many exceptions. My >>> machine is Mac OS High Sierra. And here you're the exceptions I >>> recieve when launching geoserver after adding Geofence to it: >> >> -- >> ========================================= >> Dipl.Ing. Stefan Overkamp >> tel: 02052 / 814184 >> mobil: 0177 / 7976159 >> > -- ========================================= Dipl.Ing. Stefan Overkamp tel: 02052 / 814184 mobil: 0177 / 7976159
_______________________________________________ Geoserver-users mailing list Please make sure you read the following two resources before posting to this list: - Earning your support instead of buying it, but Ian Turton: http://www.ianturton.com/talks/foss4g.html#/ - The GeoServer user list posting guidelines: http://geoserver.org/comm/userlist-guidelines.html If you want to request a feature or an improvement, also see this: https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer [email protected] https://lists.sourceforge.net/lists/listinfo/geoserver-users
