jhu-idc / iDC-general

Contains non-code-base specific tickets relating to the Islandora8 for Digital Collection project
0 stars 0 forks source link

Assign roles to SAML users #62

Closed cyork closed 3 years ago

cyork commented 4 years ago

@emetsger

cyork commented 4 years ago

We have users intended to be global administrator and collection admins created in the enable SAML ticket, but have not assigned roles yet. Assign the appropriate roles to these users, and verify that the appropriate resource protections are enforced (i.e. a collection admin can add/remove items to collections he or she controls, but not others).

This task almost certainly involves creating some pre-populated initial collections that are available when launching the local development environment.

bseeger commented 3 years ago

The infrastructure for this is setup and functional. The last part of this is to setup the Drupal SAML information, per system, for the JHU/test users that are expected to access those systems and the roles they should have.

Remaining tasks:

bseeger commented 3 years ago

Ticket https://github.com/jhu-idc/iDC-general/issues/318 needs work before we can configure the SAML information above.

bseeger commented 3 years ago

I think we decided in a meeting that it was okay to not have the systems have assigned users and that Katie would setup permissions for a user after the first time they logged in. @htpvu and @birkland is that your recollection? If so, I think we can close this and https://github.com/jhu-idc/iDC-general/issues/318.

birkland commented 3 years ago

Katie and/or an admin would assign permissions on a case-by-case basis