search

ec-jrc / re3gistry

Re3gistry is a reusable open source solution for managing and sharing ‘reference codes’, ensuring semantic interoperability across organisations.
European Union Public License 1.2
29 stars 21 forks source link

Question on roles and permissions #67

Closed heidivanparys closed 8 months ago

heidivanparys commented 2 years ago

I am trying to understand the following lines of code and the rationale behind it:

https://github.com/ec-jrc/re3gistry/blob/82ace9d481d3ce72ea4e0bd489698228a2218a51/sources/Re3gistry2/src/main/resources/configurations_files/configuration.properties#L137-L143

I made the following mapping, to get a better overview:

control body register manager register owner registry manager submitting organisation
Content editing
submit proposal (x)1 x
manage item proposal (x)2 x x
approve proposal x
publish proposal x
User & group management
manage group x x
manage user x x
map user to group x x
map group to item x
Structure & data model management
manage field x
manage field mapping x x
manage register & registry x
System management
manage system x

1 Present in the default configuration, not present in the line that is commented out. 2 Not present in the default configuration, present in the line that is commented out.

My questions:

  1. What is the reason behind the lines that are commented out? Was the configuration different earlier? Why was it changed?
  2. What does it mean exactly to map groups to items? I read the documentation, but I can't seem to find anything about that.
  3. Are "manage group", "manage user", "manage user to group" and "map group to item" still relevant, or are they perhaps part of another permission? I'm asking because I tried to figure out what exactly MapGroupToItem meant, and in that process I noticed that I got no results back when searching the code for references regarding these four permissions, see also screenshot below for what it looks like for one of them. Am I missing something?

image

heidivanparys commented 2 years ago

Additional question: the comment at

https://github.com/ec-jrc/re3gistry/blob/6bf4e416d16fbc4d3b98573d07ddaef39022a7f6/documentation/user-manual.md#L475

does not seem to correspond with

https://github.com/ec-jrc/re3gistry/blob/82ace9d481d3ce72ea4e0bd489698228a2218a51/sources/Re3gistry2/src/main/resources/configurations_files/configuration.properties#L137-L140

Can a registry manager (that does not have the "register manager" role) publish reference codes, or not?

emanuelaepure10 commented 2 years ago

Dear @heidivanparys

The re3gistry/documentation/user-manual.md is correct. Both REGISTER and REGISTRY managers have the role of PUBLISHING a change/action.

The variables from the file re3gistry/sources/Re3gistry2/src/main/resources/configurations_files/configuration.properties are not used, but they could actually give an idea of what a user with a role can do. They can be updated, so as well the registryManager has the role of PublishProposal.

Please, be free to update the file.

Best regards, Emanuela