Open kepae opened 8 months ago
admin
subscriber
incident_editor
editor
submitter
taxonomy_editor
admin
subscriber
taxonomy_editor
- remove
admin
roles from users where no longer necessary.
@kepae Regarding this point. We currently have 19 users with admin
role in Production. Most of them don't have first and last names, so it's hard to know who are they. Do you know who should keep the admin access on Production? I have my names but I would like to confirm with you before creating a migration to remove the rest.
Thanks @pdcp1! I'll review and update the current admin roles, I have a means of identifying most users. The important thing is that after the migration, the editor roles should be sufficient for their actions. Will also assign myself here.
- Review staging vs. production discrepancies in roles, and likely migrate staging to match production.
@kepae this item is done and merged on this PR https://github.com/responsible-ai-collaborative/aiid/pull/2401
Since we closed the last item of this issue:
Confirm incident editor accounts have all necessary permissions and remove admin roles from users where no longer necessary. related: https://github.com/responsible-ai-collaborative/aiid/issues/2606
we can close it
Oops, sorry, I have to actually remove the unnecessary admin roles still and test that with editors. I'll re-open and assign to me for that last bit.
Oh, sorry for closing it
We should review the existing user roles in production and staging, as well as in the code. We recently saw a discrepancy in staging vs production expectations in https://github.com/responsible-ai-collaborative/aiid/pull/2359; in staging, there exist users with the role
editor
but in production, this role isincident_editor
.admin
roles from users where no longer necessary.Historically, https://github.com/responsible-ai-collaborative/aiid/issues/1703 proposed some of the existing roles. There's more history somewhere and I'm looking for it...