There is currently the concept of a "user" but I wonder if we will need to extend this in two ways, to ensure that only the right person gets to access the right records:
1 We will probably need to add the concept of a "business entity" (Trap.nz calls this "organisations") so that records (projects, devices, pictures etc) belonging to one organisation remain private to that organisation. Then a user is a member of one of the business entities. Actually, I have I think 3 accounts on Trap.nz - two of which I set up myself for my personal experiments, and one real trap network that is administered by someone else who permitted me to join and view those traps, enter data etc.
2 So this leads to the concept of roles: a senior person should be able to do important activities but a junior person should be limited to other activities. Then perhaps the senior person can manage who else can join, and can remove them etc. It looks like trap.nz has these roles: "trapper", "advanced_trapper", "manager", "administrator" though these are not fields in the User object....
3 The User is likely to need other fields including a display name, contact details etc.
4 Anything else needed to manage security, esp. passwords?
There is currently the concept of a "user" but I wonder if we will need to extend this in two ways, to ensure that only the right person gets to access the right records:
1 We will probably need to add the concept of a "business entity" (Trap.nz calls this "organisations") so that records (projects, devices, pictures etc) belonging to one organisation remain private to that organisation. Then a user is a member of one of the business entities. Actually, I have I think 3 accounts on Trap.nz - two of which I set up myself for my personal experiments, and one real trap network that is administered by someone else who permitted me to join and view those traps, enter data etc.
2 So this leads to the concept of roles: a senior person should be able to do important activities but a junior person should be limited to other activities. Then perhaps the senior person can manage who else can join, and can remove them etc. It looks like trap.nz has these roles: "trapper", "advanced_trapper", "manager", "administrator" though these are not fields in the User object....
3 The User is likely to need other fields including a display name, contact details etc.
4 Anything else needed to manage security, esp. passwords?