warlof
commented
3 years ago Hello,
Granting write without read is a non-sense. How can a user can write data were it doesn't have access ?
Open tigranm75 opened 3 years ago
warlof
commented
3 years ago Hello,
Granting write without read is a non-sense. How can a user can write data were it doesn't have access ?
tigranm75
commented
3 years ago Just put scan results into textbox. The problem is that all moon related data is very important for alliance and usually only leadership have access to it. But leadership want to delegate scan work to other members. Of course they have access to own scanned data, but can't steal whole database.
kensel
commented
2 years ago Writing data without access to read data happens all the time. You can create a file share on your computer that lets everyone Write files to it but not read the contents, list contents or modify the contents. Monitoring systems generally run as a user that can create\write the data but not read the data.
It might be better though to have a permission to list scanned moons (file list) so that users can identify if a moon has been scanned. I don't know that a full list of moons is available to make a report of moons to be scanned in region\constellation\solar System.
The last comment would be write only and read for owner, requiring tracking who entered the scan data and then when returning moons check user for the owned entries.
tehraven
commented
2 years ago The permissions pseudo-code being asked for here is this:
Read (View Moon Reports) IF ANY: -- Is admin -- Has role permission to view moon reports -- Is a moon report that the current user created
Write (Create Moon Report) IF ANY: -- Is admin -- Has role permission to create moon reports
This seems pretty sane to me, and definitely falls in line with how groups in Eve guard their moon data.
Hi. For security reasons please add possibility to work "Create new Moon Reports" role without "View Moon Reports" role.
Thank you.