User Story #11456 (accepted)
Opened 11 years ago
Last modified 8 years ago
Comprehensive permissions testing
| Reported by: | mtbcarroll | Owned by: | jburel |
|---|---|---|---|
| Priority: | major | Milestone: | Permissions |
| Component: | General | Keywords: | n.a. |
| Cc: | ux@…, sbesson | Story Points: | n.a. |
| Sprint: | n.a. | Importance: | n.a. |
| Total Remaining Time: | 0.0d | Estimated Remaining Time: | n.a. |
Description (last modified by mtbcarroll)
Our permissions overview in the sysadmin documentation leaves much unspecified. Petr has been looking after some excellent Google Drive spreadsheets that have a lot more detail in the tables, but not yet everything. There are many variables: group membership (admin, owner, member, not), group permissions (including those not presently exposed in the UI), multiple-group situations (e.g., moving something from one group which has permissions P and for which I have membership Q, to a group which has permissions R and for which I have membership S, and perhaps P = R), extra associated data of different ownership that may be carried along with it (various kinds of annotations, which may be owned by some third party with other group memberships, and have been added to the image by a fourth party), so now we have T, U, and more), etc.
Of course, when associated data gets somehow separated from its original target, there is also the question of what then happens to it. Some things might make sense in an orphaned existence. But, for instance, if I move an image and didn't mean to thus delete another user's comments and I regret my action and move it back, maybe they're still gone.
What I would like is for every possibility to be enumerated such that it is clear in every case what should actually happen. Then, I would like integration and UI tests to actually try out every one of those cases. (Icing on the cake would be some kind of background story of workflows and intent from which these rules are obviously derived, because that'll be necessary if we ever need to explain the system more fully to anybody else: a why to follow the what.)
(This arose because I was trying to find out for the failing tests in AnnotationMoveTest which of the failing tests fail because the test is wrong and which because the server is wrong. From our documentation it's really not an easy question to answer.)
Change History (6)
comment:1 Changed 11 years ago by mtbcarroll
- Description modified (diff)
comment:2 Changed 10 years ago by mtbcarroll
comment:3 Changed 10 years ago by mtbcarroll
- Cc sbesson added
comment:4 Changed 10 years ago by jamoore
- Priority changed from minor to major
- Type changed from Task to User Story
As discussed during https://trello.com/c/BZ2UcNV8/49-jun-19-agenda, https://trello.com/c/kbYs3GQ0/19-test-permissions-comprehensively was archived in favor of turning this ticket into a story. All bugs found from the testing should be included here.
comment:5 Changed 10 years ago by agilo
- Status changed from new to accepted
Updated status, related task in progress
comment:6 Changed 8 years ago by sbesson
- Milestone changed from Testing2 to Permissions
See also https://github.com/openmicroscopy/openmicroscopy/pull/1751#issuecomment-28313531: data may be in the user group. The "pre-set" users and groups should be included in the testing.