Closed krzys-h closed 1 year ago
I feel like adding proper permissions for organizers is very-very low priority.
It won't change anything in our lives - "there is no business value"
True - this was just a random idea I had while thinking about how to handle the "Organizers" page better, because the current one is kinda a mess. I want to have the data about the organizers in the db to somehow display it in a more sane way (not sure how yet), and handle the case of having organizers with no workshops (iirc it happened in the past - currently the system treats such people as if they didn't participate at all). The permissions idea was just a side effect of that.
Currently, all organizers get access to data for all editions. Given that we have more and more data in the system each year, this may be undesirable for security reasons. Old organizers should only get access to data for editions they organized.
I propose that we change the permissions such that:
Additionally, we should drop the old permission system entirely. Spliting the permissions into see workshop list/see user list/edit qualification etc. does not make sense in our use case, and only unnecessarily complicates the codebase if you try to implement them properly (e.g. hiding workshop proposals if you can see user list but not the workshop list etc.)
ping @cytadela8 for input on this