Permission Groups

[anandology]

We wanted to have fine-grained permisisons for easy of managing in the code and corse-gained permissions for easy of assigning to roles. Having permission groups and assigning permission group to a role gives us best of both.

A typical cleansweep instance will only need handful permission groups. For example:

• Admin - permission to do everything
• Manage - almost everything except some admin permissions
• SMS-Email - everything of view + send email and sms
• View - view all volunteers (without contact details), committee members, other numbers etc.
• LimitedView - view only the committee members and some stats

Committee members typically get manage permission-group and that will include everything needed. For example, the admin can decide whether or not to include download-volunteers permission in that permission group.

To start with assume that permission groups will be specified in the code or in the config file.

We can move them to admin panel later (as a separate issue).

[anandology]

Implemented and they are now available at admin center.