rogersBen
commented
7 years ago Could this just be an extra table in the database with the two roles and then link user accounts to the roles?
Closed Aidan275 closed 6 years ago
rogersBen
commented
7 years ago Could this just be an extra table in the database with the two roles and then link user accounts to the roles?
Aidan275
commented
7 years ago Could this just be an extra table in the database with the two roles and then link user accounts to the roles?
It could be, I think Lucas has already started implementing it. If you check out the users model there is a userRolesSchema, I think this needs to be added to the roles field in the userSchema.
You'd be best off asking @Lucas-W about it.
Lucas-W
commented
7 years ago There's user role functions in the backend (But no permission or validation checking). The User model has a role field, which is an array of strings (Role name).
What needs to be figured out is how a user gets roles. I've assumed the 'Researcher' is given to all the researcher accounts created so it's the default value. How do users become System Admins, or other potential roles?
Aidan275
commented
7 years ago Okay sweet, well do you want to handle this one then?
I guess the System Admin should have the power to change other users roles? And maybe the first user added to the database is automatically assigned the system admin role?
Aidan275
commented
7 years ago Saw the roles have been implemented as an array of strings in the user model, wouldn't it be easier if a user only had one role, either researcher or system admin?
And system admins have all the permissions that a researcher has plus more?
Would make it easier in the front-end too
Lucas-W
commented
6 years ago Re-implemented as researcher/admin.
User roles need to be implemented.
Currently, the roles should just include Researcher and System Admin.