Closed BBGuy closed 9 years ago
Asset: Create new content Asset: Edit own content Contribution: Create new content Contribution: Edit own content Contribution: Delete own content Event: Create new content Event: Edit own content Event: Delete own content Legal Entity: Create new content ? not- Asset: Delete own content ?
Those all have issues and we need to find a way to resolve in one of two ways or more then likely we need both a) for security b) for UX : a) Add a condition to the role that understands the business logic of Kendra b) Exclude from rendering
admin/structure/views/view/asset_actions/edit/block
I create a new module "Kendra user" that adds a views plug in to be used with the "Asset actions" view to deploy
This is mostly working on dev now so can be tested using the two new accounts that where created. The remaining issues are to do with improved UI for visitor and improved security for Asset Author.
Pushed the fist stage to live and tested two issues came up 1) not related to the work but we are getting errors on calendar page - created #53 2) Weights of all assets can be adjusted by an Asset Author even if he is not he owner - this will be resolved by adding a rule condition to check if a Rule link is allowed for the asset.
Rules integration for checking if user can edit asset. Develop
Go Live
I pushed the rules integration live after some testing on dev. I added the "kendra" role to all the admin users as this is needed to edit assets
@dahacouk - I still have some work to so but would be good to get some input on this
Kendra admin need to be able to add edit & delete Taxonomy terms. however the taxonomy overview page and the term add are both controlled by the same permission that gives all Taxonomy managment to the role. We can use the Taxonomy access fix to fix this.
This is now pushed to dev to setup taxonomy management for the kendra role"
I'd like to talk about weights terminology/context. My feeling is that there is no absolute weight – it is relative. Weight is a relationship between 2 or more legal entities. Let's talk.
On 5 Jan 2015, at 13:24, Guy Schneerson notifications@github.com wrote:
Rules integration
Rules integration for checking if user can edit asset. Develop
- [ ] Create a new code unit and a condition: "User can edit the asset" that takes a node and a user as arguments
Create a function to implement the above with two cases- [ ] one for nodes that are an asset
- [ ] one for nodes that are an contribution
- [ ] update the two contribution rule links for Decrease/Inc contribution weight condition
- [ ] update all the asset actions
- [ ] Disable the asset actions view access restrictions and test.
Go Live
- [ ] Push to dev & test
- [ ] merge code, pull and cc all
- [ ] update the two contribution rule links for Decrease/Inc contribution weight condition
- [ ] update all the asset actions -[ ] test.
Reply to this email directly or view it on GitHub: https://github.com/kendrainitiative/kendra_hub/issues/51#issuecomment-68706846
@dahacouk - yes the weights are currently designed to work depending on the context however we also talked about them having virtual values that can be inherited from a CMO
Stage 1 implemented now any remaining minor issues moved to #61 (low propriety).
Business needs
This will involve the creation of roles supporting three levels of users.
At a later stage we will look at more granular permission system based on asset management & usage this will be much more application specific and will tie in to the versioning and conflict resolution.
Technical implantation
Kendra admin
Manage all aspects of the Kendra system (in the future we will have more granular roles) using the existing unused kendra role
Asset Author
A user that can create new Assets and edit his own assets.
Visitor
One with an account approved by a Kendra admin - can see all data but can not add or change using the built in authenticated user role