Open maxceem opened 3 years ago
@maxceem, should the connect manager have basic topcoder user privileges for projects that they are a member of?
Example for projects that they have created and not projects they have access to because of connect manager role.
@maxceem, should the connect manager have basic topcoder user privileges for projects that they are a member of? Example for projects that they have created and not projects they have access to because of connect manager role.
This is already working as you've described.
I.e. if Connect Manager creates a project then for that project Connect Manager user would have permissions from both columns as Topcoder User and as Connect Manager.
@maxceem, this was not the case. Connect manager was not able to create jobs for a project they created. Let me retest again and post with examples tomorrow.
@maxceem, example for above case:
user: TCConManager (roles: "Topcoder User", "Connect Manager")
project/team: https://connect.topcoder-dev.com/projects/16830
User is not able to create/update jobs, candidates, resources for the project they belong to.
Thanks, @SathyaJayabal. This is a good catch, we would fix it.
@maxceem, during recent tests, we noticed one discrepancy. The Connect Manager was able to create jobs in projects that they are not a member of (in prod).
project: 18831
user: TCConManager
cc @lakshmiathreya @nkumar-topcoder
Let's sum up permission rules here.
GET /taas-teams
Only when member of the project
GET /taas-teams/:teamId
Only when member of the project
GET /taas-teams/:teamId/jobs/:jobId
Only when member of the project
GET /jobs
Only if filter by "projectId" and is member of that project
GET /jobs/:id
Only when member of the project
POST /jobs/
Only when member of the project
PUT/PATCH /jobs/:id
Only when member of the project
AND if they created particular job
DELETE /jobs/:id
GET /jobsCandidates
Only if filter by "jobId" and member of the project of that Job
GET /jobsCandidates/:id
Only when member of the project
POST /jobs/
PUT/PATCH /jobs/:jobId
Only when member of the project
DELETE /jobs/:jobId
GET /resourceBookings
Only if filter by "projectId" and member of that project
GET /resourceBookings/:id
Only when member of the project
POST /jobs/
PUT/PATCH /resourceBookings/:id
DELETE /resourceBookings/:id
GET /workPeriods
Only if filter by "projectId" and member of that project
GET /workPeriods/:id
Only when member of the project
POST /workPeriods/
PUT/PATCH /workPeriods/:id
DELETE /workPeriods/:id
GET /workPeriods
GET /workPeriods/:id
POST /workPeriods/
PUT/PATCH /workPeriods/:id
DELETE /workPeriods/:id
NOTES
administrator users should have all the permissions like Booking Manager users.
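
One way to express the membership rules summarised above as a deny-by-default check, covering the `/jobs` routes only; this is an added illustration, not code from the Topcoder code base. The function and field names, the user ids, the member lists, and the reading that administrator and Booking Manager skip the membership conditions are assumptions.

```javascript
// Roles assumed to skip the membership conditions (assumption based on the NOTES line).
const MANAGER_ROLES = new Set(['administrator', 'Booking Manager']);

// Membership comes from the project's member list only, never from the caller's roles,
// so holding "Connect Manager" neither grants nor removes access.
const isMember = (user, project) =>
  Boolean(project) && project.members.includes(user.userId);

// Conditions taken from the summary in the thread. A Map, not a plain object,
// so a route string such as "constructor" cannot resolve to an inherited property.
const RULES = new Map([
  // List endpoint: ctx.project is the project named by the "projectId" filter, or null.
  ['GET /jobs', (user, ctx) => isMember(user, ctx.project)],
  ['GET /jobs/:id', (user, ctx) => isMember(user, ctx.project)],
  ['POST /jobs', (user, ctx) => isMember(user, ctx.project)],
  ['PATCH /jobs/:id', (user, ctx) =>
    isMember(user, ctx.project) && Boolean(ctx.job) && ctx.job.createdBy === user.userId],
]);

// Deny by default: a route with no rule, or a rule that does not return true, is refused.
function canAccess(user, route, ctx = {}) {
  if (user.roles.some((role) => MANAGER_ROLES.has(role))) return true;
  const rule = RULES.get(route);
  return rule ? rule(user, ctx) === true : false;
}

// Constructed sample data: userId values and member lists are made up.
const tcConManager = { userId: 101, roles: ['Topcoder User', 'Connect Manager'] };
const admin = { userId: 900, roles: ['administrator'] };
const project16830 = { id: 16830, members: [101, 202] }; // caller is a member
const project18831 = { id: 18831, members: [202] };      // caller is not a member
```

Running both reported cases (member project 16830, non-member project 18831) through `canAccess` as regression checks keeps the role and membership logic from drifting apart again.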