opensafely-core / job-server

A server for mediating jobs that can be run in an OpenSAFELY secure environment. q.v. job-runner
https://jobs.opensafely.org
Other
5 stars 11 forks source link

Document new user permissioning #1341

Closed ghickman closed 2 years ago

ghickman commented 2 years ago

Our medium-term goal is to automate new user provisioning and permissioning. However, in the short term, several steps require manual intervention by admins (interacting with users, establishing the permissions they should have, giving them pointers to what they can/can't do, assigning permissions, and perhaps more). And people are routinely a bit confused about the states they find themselves in (example)

Specifically, some common actions for users:

The person who picks up this ticket should start by briefly reviewing all the linked discussions (more in the thread below, too), then having a chat with George to check their understanding. It probably makes sense to turn these into a series of commonly-asked questions.

Any ensuing notes should be turned into a series of FAQs or similar topic-based narrative.

Intially, we should draft these in a Google Doc. When we're pretty happy with them, we integrate the text directly into job-server, displaying a list group of them in the Staff Area index page below the current list group in the left-hand nav.

There may also be some useful background narrative generated as part of this research - planned future directions, etc. This should intially go into a google doc, and then probably turned into a series of issues (coordinate with Seb)

sebbacon commented 2 years ago

Given osrelease also leans on permissions, I think this thread is also relevant for consideration

sebbacon commented 2 years ago

Two things to clarify:

sebbacon commented 2 years ago

Also see discussion here (Slack) - George added a tickbox to the bullet list at the top after this discussion.

sebbacon commented 2 years ago

And here's another thread with people seeking clarification

sebbacon commented 2 years ago

@tomodwyer

FYI co-pilots have been maintaining their own documentation, which I just found here https://docs.google.com/document/d/1odediydaSJI2dwFwqgGO9lDR0HjTaCn9O9IGXAatiCc/edit

sebbacon commented 2 years ago

I'm also throwing in this Slack thread (where I learned about that) for the record - I don't think you necessarily need to read it @tomodwyer.

tomodwyer commented 2 years ago

Another Slack thread on permissions to create new organisations.

sebbacon commented 2 years ago

Note that when this is done, we should link to the published version(s) from our Policy

sebbacon commented 2 years ago

A slack thread not about permissions, but about transferring existing repos to the opensafely org

ghickman commented 2 years ago

Moved to the ideas bucket.