jc0n
commented
12 years ago create and edit all kinds of tasks, except the following...
What were the following?
Closed mhrivnak closed 12 years ago
jc0n
commented
12 years ago create and edit all kinds of tasks, except the following...
What were the following?
mhrivnak
commented
12 years ago Although once other types of tasks have an organization affiliation, we should apply this constraint to all task types.
On Fri, Mar 9, 2012 at 3:40 PM, John O'Connor reply@reply.github.com wrote:
create and edit all kinds of tasks, except the following...
What were the following?
jc0n
commented
12 years ago I'm not sure how to interpret the double except if you read it top down. Event and Session aren't tasks. It looks like it means Event and Session cannot be created and except for SURR a task can be created with any org?
I would assume Event, Session, SURR, as well as any task can be created as long as they are in the same org?
Also are there any specific User attributes the role should not have access to as part of editing the profile?
mhrivnak
commented
12 years ago For all task types, plus Event, plus Session, any of these that have an organization attribute should have the constraint where this role cannot create or edit them without the corresponding org relationship.
For User attributes, I assume you mean for editing their own profile? They should have exactly the same ability as any non-privileged user in this respect. It's likely that the role granting that permission will apply without you having to do anything here.
jc0n
commented
12 years ago For all task types, plus Event, plus Session, any of these that have an organization attribute should have the constraint where this role cannot create or edit them without the corresponding org relationship.
OK. Thats what I figured. Just to be clear this also includes Question and QuestionPool for Exams as well?
mhrivnak
commented
12 years ago We are not supporting the ability to create or edit Question or QuestionPool objects directly. They may only be created when an exam is imported.
On Fri, Mar 9, 2012 at 4:07 PM, John O'Connor reply@reply.github.com wrote:
For all task types, plus Event, plus Session, any of these that have an organization attribute should have the constraint where this role cannot create or edit them without the corresponding org relationship.
OK. Thats what I figured. Just to be clear this also includes
QuestionandQuestionPoolfor Exams as well?
Reply to this email directly or view it on GitHub: https://github.com/TireSwingSoftware/openassign-server/issues/118#issuecomment-4424678
jc0n
commented
12 years ago It looks like the arbitrary permission on the import/export routines should cover that case.
The scope of this role is within an organization.
To have these permissions, a user must be associated with the given organization and have the org role named "Owner Manager" within it.
Quote from Ryan: "Users in this role are able to view reports as well as create and assign tasks. These individuals are concerned with ensuring their organizations remain trained and effective."
Permissions needed:
I'm sure some additional permissions that I didn't explicitly state will be required to meet the needs outlined above. Go ahead and add them as you think it makes sense, and of course feel free to ask if you are unsure.