Warning: Can't synchronize with repository "(default)" (/home/git/ome.git does not appear to be a Git repository.). Look in the Trac log for more information.
Notice: In order to edit this ticket you need to be either: a Product Owner, The owner or the reporter of the ticket, or, in case of a Task not yet assigned, a team_member"
All new objects are created in current group (warning/exception on explicit) with proper permissions for group
All linked objects are checked for group (warning/exception on mixed group and/or mixed permissions)
No object can be linked to an object of another group, regardless of permissions.
All returned graphs are group-consistent, i.e. consist only of objects from a single group (with the exception of system types)
Admin method to make group public (sends email)
Prevent changing groups to "755" except through API!
Check interaction with runAsAdmin & privileged-tokens. (ie. which has the highest priority)
what happens to root/admin data when linked? automatically put in a matching group since root/admin will be able to read it?
choice to make groups public on creation?
Upgrade:
Make all groups private (currently rw-r-r)
Detect if any data is in a mixed graph and raise exception
Make all group data private (enums?)
Possible changes:
IAdmin limits each user to a single group (?)
Remove "default" group
"user" group becomes the "user private space"
thumbnails, annotation links, etc. become a new type of object:
"shared" (or similar) which don't prevent delete.
Gui changes:
"Move Y to group" - like the deleteY() methods, this would move an
entire graph to a user's "group space". There may need to be some
duplicating of tags, etc.
- permissions (Brian)
-- private space, and a single or multiple public space?
-- fine for vast majority of people
-- private space gets rid of PI concept. perhaps via 600
-- Donald: no private space?
-- Brian: can you add more than one boss?
-- Chris: how does this work with the setting a group to public from private?
-- quickest option:
--- uesr only in one group
--- turn group private or public
--- server ensures graph-consistency, both group_id and permissions
--- PI or admin can move group to public
--- UI: need to know group prespective (don't show data)
--- ADMIN UI: need to allow upgrade to group visible. can't downgrade
---- offering upgrade button
---- sending email to all the users??
-- next stage: either private space or multiple groups.
-- really a testing issue: moving the component/client tests.
--- get them green
--- then modify them as expected
GUI
will be presented. User will then have ability to switch to another group.