Task #1794 (assigned)
Opened 14 years ago
Last modified 14 years ago
Permissions : Define exceptions to standard group permissions (#1434) — at Version 7
Reported by: | jamoore | Owned by: | jamoore |
---|---|---|---|
Priority: | major | Milestone: | OMERO-Beta4.2 |
Component: | Security | Version: | 4.1 |
Keywords: | n.a. | Cc: | atarkowska, jburel |
Resources: | n.a. | Referenced By: | n.a. |
References: | n.a. | Remaining Time: | 0.5d |
Sprint: | 2010-03-19 (5) |
Description (last modified by jmoore)
As a follow-up to #1434, an attempt should be made to outline the exceptions to the group-security system that has been put in place. E.g. what objects cannot exist in only one group? Two examples have already shown up:
==Discussion Mar. 22 (Ola, Jean-Marie, Josh):==
- the goal is a common-pot
- the common-pot is an area to put objects which
- should be seen by all users
- can be linked to by all objects
- the common-pot is an area to put objects which
- possible objects for the common pot: ratings (1-5), tags, scripts (#1784) , user photos (#1791)
- need to keep in mind uploading private scripts versus uploading public scripts
- need method for uploading user photos
- an alternative might be adding roles ("PUBLIC", etc.) but this will need more investigation
==Questions:==
- What does an owner of "user" group mean?
- Do we need a parameters item to filter out the common-pot?
- will these objects be allowed to have divergent permissions (not tied to the group) or is it even necessary since they have special handling?
- would it be possible to use the "WORLD" flag?
==Decisions:==
- move from using "system" and "user" group to only using "user" group for common-pot
- only admins can add to the common pot (add methods where necessary)
- we will wait on the parameter filter and decide on its need
Change History (7)
comment:1 Changed 14 years ago by jmoore
- Description modified (diff)
comment:2 Changed 14 years ago by jmoore
- Description modified (diff)
comment:3 Changed 14 years ago by jmoore
comment:4 Changed 14 years ago by jmoore
- Type changed from User Story to Task
comment:5 Changed 14 years ago by jmoore
- Remaining Time set to 0.5
- Sprint set to 2010-03-19 (5)
comment:6 Changed 14 years ago by jmoore
- Status changed from new to assigned
Note: See
TracTickets for help on using
tickets.
You may also have a look at Agilo extensions to the ticket.
At least while testing (which happens often as root) this can be a good surprise:
so that:
can return 50K+ images.