kenburcham
commented
4 years ago Good idea, Clark. Just by way of documentation, here are the various permission levels CDMS currently supports.
FYI: There is an Organization table and Projects belong to an Organization. Datasets belong to Projects. Datastores are across all organizations. Users belong to an Organization.
For permission levels, currently there are these:
· Admin – across all organizations/projects/datasets. Can edit all datasets/fields/datastores, etc.
· User – have read access to all datasets (but could be scoped to just their Organization pretty easily). Some modules have user group restrictions, but those are one-offs.
· Owner – projects have an OwnerId. If a user owns a project they have write access and can manage editors for datasets in a project. They can’t edit datasets/fields, etc. Only Admins can do that.
· Editor – has write access to datasets they are an editor for
· External user – Can login and have read access only to projects (and all project datasets) assigned in their permission. Can be added as an editor by the project Owner.
I like the idea of “Developer” Clark suggested. Could scope by Organization? Or as suggested, by Progam/sub-program
I think we’d implement as groups the user is in and then expand the permission checks for the different features.
Ken Burcham, MDiv O: 541-429-7444 C: 541-667-7624
From: clarkw [mailto:notifications@github.com] Sent: Monday, April 13, 2020 4:44 PM To: CRITFC/Helpdesk Helpdesk@noreply.github.com Cc: Subscribed subscribed@noreply.github.com Subject: [CRITFC/Helpdesk] Feature request: Additional organizational structure/user levels (#30)
EXTERNAL EMAIL: Please use caution when clicking links or opening attachments.
As we expand the use of CDMS to other divisions w/in our department, I see an increasing need to manage CDMS at multiple levels and possibly even partition the site based on program or sub-program. I can foresee the following levels, to start:
- Admin: across all programs/sub-programs; only granted to a few specific individuals
- Developer: admin privileges for datasets w/in program/sub-program
- User/Editor: read-only access except where assigned as Editor
- others??
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHubhttps://github.com/CRITFC/Helpdesk/issues/30, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AACM2U3FSS3XVKLA7YDZ7Q3RMOPUDANCNFSM4MHJ4UFA.
The opinions expressed by the author are his or her own and are not necessarily those of the Confederated Tribes of the Umatilla Indian Reservation. The information, contents and attachments in this email are Confidential and Private.
nowinski
As we expand the use of CDMS to other divisions w/in our department, I see an increasing need to manage CDMS at multiple levels and possibly even partition the site based on program or sub-program. I can foresee the following levels, to start: