FacilMap / facilmap

FacilMap is a privacy-friendly, open-source versatile online map that combines different services based on OpenStreetMap and makes it easy to find places, plan trips and add markers, lines and routes to custom maps with live collaboration.
https://facilmap.org/
GNU Affero General Public License v3.0

More Granular Control over what editors can do #95

Open ADepic opened 6 years ago

ADepic commented 6 years ago

For example, can you stop editors from deleting markers & lines they haven't made and leave that to admins?

cdauth commented 6 years ago

Well, the question is how to implement this. If people should be allowed to remove only objects that they have created themselves, that would require some kind of user management. I think that would make FacilMap too complex and would also require much more security considerations.

On the other hand, forbidding regular users to remove any kind of objects would be annoying as well in case someone accidentally adds something to the map.

Do you have any more specific idea how it could look?

ADepic commented 6 years ago

I think the easiest solution is to not let users delete anything, and if they accidentally put something on the map they can ask an admin to remove it. Give admins more control over what they can and cannot let normal editors do.

The way to allow users to delete their own work and not others' is through two solutions:

  1. On their first editing session: use cookies.
  2. They create a fourth URL: a personalized editing URL that allows the user to modify the changes he has made.
  3. Warn the user to save this in order to get higher permissions over his own edits.
  4. Next time he opens a map in FacilMap he will get extra permissions for his work only.

cdauth commented 6 years ago

I think the thing with the custom URL adds too much complexity, and it adds the risk that people will accidentally share their private URL when they want to share the map.

The idea with cookies is possible in general, but it’s not the perfect solution and doesn't work for everyone (for example it doesn't work for people who use private browsing sessions).

I’m wondering if a better solution wouldn’t be to improve the edit history more. Right now it’s possible to restore deleted objects through the edit history, but the history is limited to 50 entries and it’s not very easy to see what exactly has been changed.

georg-d commented 1 year ago

> I think the easiest solution is to not let users delete anything, and if they accidentally put something on the map they can ask an admin to remove it.

This approach sounds simple to implement and to use, at the same time it avoids the worst edit action (in contrast to changing a line/marking, after deleting a marker/line, there is nothing existing any more that may trigger me to think "hm, that does not look like intended"). This could be solved as easy as via a checkbox in map > toolbox > Tools > Settings.

> I’m wondering if a better solution wouldn’t be to improve the edit history more. Right now it’s possible to restore deleted objects through the edit history, but the history is limited to 50 entries and it’s not very easy to see what exactly has been changed.

While the related history improvements like filter by action, filter by type, longer history etc. would add further value besides this specific request, IMHO the history improvements alone won't help that much in this specific case: As an admin, I do not get notifications on delete, hence I might not recognize anytime soon that a single map object was removed (I do not see anything as a trigger) so even a history encompassing 1.000 or 10.000 actions might be too short. Adding mail notification is opening a whole bunch of other questions (privacy of personal data etc). Adding callback functions to some REST API requires users to have a webserver somewhere and to implement some glue code – so it's too techy for the majority of people except there's some well described example implementation. Adding an Atom or RSS feed may be matching best the current approach of keeping things easy concerning privacy, usability etc. and it would add further value/possibilities (everyone may subscribe and be notified about map updates and can also see notifications of the past) but I have no idea how easy it is to implement.

cdauth commented 1 year ago

It's a really good idea to publish the edit history as an RSS/Atom feed.