search

bihealth / sodar-core

SODAR Core: A Django-based framework for building scientific data management web apps
MIT License
9 stars 1 forks source link

Make role inheritance opt-in or opt-out #1288

Open sellth opened 1 year ago

sellth commented 1 year ago

Problem

SODAR's tree structure of categories and projects combined with role inheritance makes it impossible/impractical to create totally private projects with no data access to upstream category owners/members. Due to the highly sensitive data we put into SODAR projects, this should be a privacy feature to be considered.

Solution

Two possible angles to address this:

  1. Add role inheritance opt-out checkbox in category/project settings.
  2. Make role inheritance opt-in for all categories and projects. Add checkbox in settings.
mikkonie commented 1 year ago

The current way of inheritance is the way it has has been requested by users and stakeholders and decided in previous discussions. I can raise this suggestion in our technical meeting. Technically it would be rather trivial to implement.