Closed timyates closed 2 weeks ago
@mvolkmann who should be able to manage certifications and their earning?
I'm guessing we need a permission for administering certifications,
And then the earned certifications can only be managed by the member themselves (plus people with the certification permission above?)
I was just about to leave a comment to that effect on here, @timyates. I think you are spot on, except I would make a CAN_MANAGE_EARNED_CERTIFICATIONS
or similar instead of relying on the permission for managing certification types.
@mvolkmann @mkimberlin In the latest commit, I added 2 permissions:
CAN_MANAGE_CERTIFICATIONS
-- which allows creation and updating of Certifications
CAN_MANAGE_EARNED_CERTIFICATIONS
-- which allows creation and updating of EnabledCertifications
for ANY user
Without the second permission, users can only create, update and delete EarnedCertifications
which they are the owner of (via the memberId
field)
I hope this makes sense and is the correct direction 🤔
Pushed https://github.com/objectcomputing/check-ins/pull/2484/commits/0632931df76af679a1ea7e19bd27a201e62ac40e which allows anyone to create a certification
So in the Certificate controller, update and merge require the CAN_MANAGE_CERTIFICATIONS
permission
The permissions for earned certifications are handled in the service itself with
What?
Adds backend services API for managing certifications.
Should support https://github.com/objectcomputing/check-ins/pull/2477
I tried to keep as close to the Typescript skeleton as possible.
When running, Certifications swagger API can be seen here and the Earned Certifications swagger API can be seen here
Missing
Questions for future discussion:
Certifications
List
Create
Body should be:
com.objectcomputing.checkins.services.certification.CertificationDTO
badgeUrl
is optional andactive
is optional and defaults to trueUpdate
Body should be:
com.objectcomputing.checkins.services.certification.CertificationDTO
(as above)Merge
Body should be
com.objectcomputing.checkins.services.certification.CertificationMergeDTO
Earned Certifications
List
Query parameters
memberId
,certificationId
andincludeInactive
are optional for filtering the response to a certification or member or both, or including earned-certifications for deactivated certificationsCreate
Body should be
com.objectcomputing.checkins.services.certification.EarnedCertificationDTO
expirationDate
andcertificateImageUrl
are optionalUpdate
Body should be
com.objectcomputing.checkins.services.certification.EarnedCertificationDTO
as aboveDelete