User permission levels

[pascalflohr]

The user permission levels should be adjusted.

For the Al Ula database: -nothing visible without logging in (completed) -"read" level: search, map view, record view of records -"edit level: search, map view, record view of records, editing of records, creating new records, deleting records -"edit plus": search, map view, record view of records, editing of records, creating new records, deleting records, RDM -"staff": already in place, everything, including access to admin area

This might be slightly different for the EAMENA database, but probably only in the sense that without logging in it should there be possible to see the map view and search page (although not record view).

[mradamcox]

@pascalflohr I was looking into this, and one thing I found is that the anonymous User (there is an actual user called anonymous that is assigned to anyone who isn't logged in) had been given "read" permissions, i.e. that user had been added to the "read" group. I have tried removing that user from the read group, and made a few small changes along the lines of what @michaeltfisher has already done.

For you to test this out, I have made a mirror of the database here alula.legiongis.com. Don't worry, I removed all of the data, but the credentials are there as before. Let me know if the 'read', 'edit', and 'editplus' levels work as you need. By the way, at this point the group membership is not implicitly cumulative, so if you want someone to have 'editplus' as described above, please give them 'edit' and 'read' as well.

[pascalflohr]

@mradamcox many thanks for this! This all looks good. I can only not test if the "read" group can see the report view of records (which they are allowed to), because there is no data. But overall it looks like the levels work as they should do.

[mradamcox]

@pascalflohr I made a test resource (you can do the same if you like). It looks like currently a user with "read" permission does not have access to the resource report. In other words, all they can see is the list of search results and the map popups. To my knowledge, this is how EAMENA has been set up for a while, but you're saying you would like 'read' to be able to view the resource reports, correct?

[pascalflohr]

@mradamcox yes that is correct. I am not sure about the EAMENA levels, I had always understood the aim was to have similar levels to what I suggested for Al Ula, with the only difference that not-logged in users could could also see the search and map view in EAMENA. But yes, ideally "read" users in Al Ula should be able to see the report pages of records, so they can browse through them but just not edit anything.

[pascalflohr]

@mradamcox just looked at the test records, and agree the "read" level cannot see the record view. Would be good if this level would be able to do that.

[mradamcox]

@pascalflohr Ok, it looks like there are few other things that are currently only available to 'edit' users: the cursor lat/long position, and the scale bar. Should these be available to 'read' users, or remain hidden for them?

[pascalflohr]

@mradamcox those can be available to 'read' users too, but it is not strictly necessary

[mradamcox]

Ok @pascalflohr I have applied all of these changes to the alula.legiongis.com mockup installation (in a more organized and completed manner than I had before. I will wait for you to test it out once more before I apply them to the in-production Al Ula app, then we can close this ticket.

[pascalflohr]

many thanks @mradamcox, all looks good. I can only not see the location on alula.legiongis.com (when I add a location the record 'breaks, Server Error 500), but I think that is just because it is the mockup.

[mradamcox]

@pascalflohr hmm, I'm not sure about that error but if it comes up again we'll need a new ticket. I have now merged these changes into the al ula production deployment, so if you can do some final checking whenever you have a chance, that would be great. I'll let you close this ticket when you are ready.

[mradamcox]

Also, please read these notes https://github.com/azerbini/eamena_dev/pull/114 just for future reference. Thanks!

[pascalflohr]

@mradamcox, I have done the final checking and everything is looking good in the al ula database. Many thanks!