Skip to end of metadata
Go to start of metadata
User Story

An administrator may create, edit, or delete a role via the roles and permissions section of the administration menu. See below user stories for specific types of roles that may be created and edited in CollectionSpace 1.0.

Notes

UI -> Service mapping

Access -> Read

Write -> Create, Read, Update

Delete -> Delete

Read Only -> Read, No Update, No Delete

Note: For Read-Only permissions, the App layer would have to render pages only after checking if the user also has Update and/or Delete permissions at the service layer. ReadOnly permission enforcement would require the following 3 permission enforcements in the App layer:

  • Check if READ is allowed but also ...
  • make sure UPDATE is not allowed AND
  • make sure DELETE is not allowed

Dan has mentioned in the earlier STIM on this topic that, the app layer would perform its own access control check. Sanjay’s interpretation: when it comes to controlling the access on UI-owned resources such as pages, widgets, etc., the App layer would enforce additional access control.

Related User Stories:
Derived Stories:
*Service Layer Stories*
Service Story: Create, Read, Update and Delete Role [CSPACE-1293|http://issues.collectionspace.org/browse/CSPACE-1293] [CSPACE-1294|http://issues.collectionspace.org/browse/CSPACE-1294] [CSPACE-1295|http://issues.collectionspace.org/browse/CSPACE-1295] [CSPACE-1296|http://issues.collectionspace.org/browse/CSPACE-1296] Create, Read, Update and Delete Permission [CSPACE-1304|http://issues.collectionspace.org/browse/CSPACE-1304] [CSPACE-1305|http://issues.collectionspace.org/browse/CSPACE-1305] [CSPACE-1306|http://issues.collectionspace.org/browse/CSPACE-1306] [CSPACE-1307|http://issues.collectionspace.org/browse/CSPACE-1307] Associate Role with Permission(s) and vice versa [CSPACE-1299|http://issues.collectionspace.org/browse/CSPACE-1299] [CSPACE-1300|http://issues.collectionspace.org/browse/CSPACE-1300] [CSPACE-1301|http://issues.collectionspace.org/browse/CSPACE-1301] [CSPACE-1302|http://issues.collectionspace.org/browse/CSPACE-1302]
*Application Layer Stories*
Application Story: Application Story:
*UI Layer Stories*
UI Story: UI Story: