User Story #1434 (new)
Opened 15 years ago
Last modified 14 years ago
Re-enable group permissions support — at Version 21
Reported by: | jamoore | Owned by: | jamoore |
---|---|---|---|
Priority: | critical | Milestone: | OMERO-Beta4.2 |
Component: | Security | Keywords: | n.a. |
Cc: | jrswedlow, jburel, cxallan, bwzloranger, atarkowska, jmwallach@…, carlos@… | Story Points: | n.a. |
Sprint: | n.a. | Importance: | n.a. |
Total Remaining Time: | 0.0d | Estimated Remaining Time: | n.a. |
Description (last modified by jmoore)
This ticket is the story umbrella for all the permissions improvements planned for milestone:OMERO-Beta4.2 in order to re-activate group-sharing. Linked tickets are available under [WorkPlan/Permissions]
Items under discussion
The following items are not listed on the WorkPlan page. If they are deemed important for 4.2, they should be moved there. If not, they should either be deleted or moved to their own tickets.
- thumbnails, annotation links, etc. become a new type of object: "shared" (or similar) which don't prevent delete.
- In some cases, automatically convert object's group to the attached to object? (From #1171, is this necessary if other groups are not visible?)
See also:
Change History (21)
comment:1 Changed 15 years ago by jburel
comment:2 Changed 15 years ago by jmoore
- Cc bwzloranger atarkowska added
comment:3 Changed 15 years ago by jmoore
- Description modified (diff)
From Sep 04 conf call:
- permissions (Brian) -- private space, and a single or multiple public space? -- fine for vast majority of people -- private space gets rid of PI concept. perhaps via 600 -- Donald: no private space? -- Brian: can you add more than one boss? -- Chris: how does this work with the setting a group to public from private? -- quickest option: --- uesr only in one group --- turn group private or public --- server ensures graph-consistency, both group_id and permissions --- PI or admin can move group to public --- UI: need to know group prespective (don't show data) --- ADMIN UI: need to allow upgrade to group visible. can't downgrade ---- offering upgrade button ---- sending email to all the users?? -- next stage: either private space or multiple groups. -- really a testing issue: moving the component/client tests. --- get them green --- then modify them as expected
comment:4 Changed 15 years ago by jmoore
- Description modified (diff)
comment:5 Changed 15 years ago by jmoore
- Description modified (diff)
comment:6 Changed 15 years ago by jmoore
- Description modified (diff)
comment:7 Changed 15 years ago by jmoore
- Description modified (diff)
comment:8 Changed 15 years ago by jmoore
- Description modified (diff)
comment:9 Changed 15 years ago by jmoore
- Milestone changed from OMERO-Beta4.1 to OMERO-Beta4.2
Moving as discussed conf call 2009-09-18
comment:10 Changed 14 years ago by jmoore
- Description modified (diff)
comment:11 Changed 14 years ago by jmoore
- Description modified (diff)
comment:12 Changed 14 years ago by jmoore
- Description modified (diff)
comment:13 Changed 14 years ago by jmoore
- Description modified (diff)
comment:14 Changed 14 years ago by jmoore
- Description modified (diff)
comment:15 Changed 14 years ago by jmoore
Brief discussion on write with Ola, Josh, Jean-Marie:
- want to keep things simple for the user
- the solution above allows setting on group
- but do we need to let user change write-ability?
- e.g. "make container read-only or full-access"
- J-M: dangerous except for annotations to let change
- Josh: but Image.description or Shape.color?
- "rwrwrw" not a good idea. But could have a PUBLIC group (with guest)
- for options of groups: rw, rwr, rwrw
- configurable initial groups? Maybe
- users in more than one group? Yes
- more than one PI? Yes
- G/E/P/D/I? Yes, but G is strict (security based), E isn't (could be mixed)
- Need a way to restrict owner-mixing? Maybe (would be LINK permission)
- Perhaps handle it via best-practice
- Possible to distinguish hierarchies and annotations? Hard.
- Possibly use color codes per user initially.
- If user filtering, pass back "friend" user list of who was queried?
comment:16 Changed 14 years ago by jmoore
- Cc jmwallach@… added
comment:17 Changed 14 years ago by jmoore
- Description modified (diff)
comment:18 Changed 14 years ago by jmoore
comment:19 Changed 14 years ago by jmoore
- Description modified (diff)
comment:20 Changed 14 years ago by jmoore
- Description modified (diff)
Maked #203 as a duplicate of this ticket.
comment:21 Changed 14 years ago by jmoore
- Description modified (diff)
GUI
will be presented. User will then have ability to switch to another group.