User roles work slightly different now in the API.
A user can have global roles that apply to any dataset OR a role specific only for a given dataset.
These are just a set of roles on the user instance. The admin role was always global, but editor and reviewer can now also be global, i.e. you then have editor rights for all datasets, but not the more powerful admin rights.
In addition to that a dataset specific editor and reviewer role still exists as it did before.
The user admin UI should therefore separately allow to manage global roles and dataset specific ones.
That page should also allow to revoke a role from all datasets in one go via this new call:
DELETE /user/{key}/role/{role}
... which will remove the role for the given user from all datasets.
thomasstjerne
commented
9 months ago
User roles work slightly different now in the API.
A user can have global roles that apply to any dataset OR a role specific only for a given dataset. These are just a set of roles on the user instance. The admin role was always global, but editor and reviewer can now also be global, i.e. you then have editor rights for all datasets, but not the more powerful admin rights.
In addition to that a dataset specific editor and reviewer role still exists as it did before.
The user admin UI should therefore separately allow to manage global roles and dataset specific ones. That page should also allow to revoke a role from all datasets in one go via this new call:
DELETE /user/{key}/role/{role}... which will remove the role for the given user from all datasets.