VIVO-1436: Advanced role management

[chenejac]

Christian Hauschke (Migrated from VIVO-1436) said:

VIVO needs some extra features regarding editing, validating, privacy and administration. There's a need for custom roles who for example are only allowed to edit publications or project information.

There is a draft with some ideas in the duraspace wiki:

https://wiki.duraspace.org/display/VIVO/Advanced+role+management

 

[chenejac]

Graham Triggs said:

Vitro: vivo-project/Vitro#80

VIVO: #85

 

[chenejac]

Andrew Woods said:

Demo / walk-through of feature: https://s3.amazonaws.com/vivo-content/2018-09-25-vivo-role-management.mp4

[chenejac]

Jim Blake said:

ISSUE: Created a new installation with ARM. Faux properties are initialized with zero "publish" permissions, as shown below.

[chenejac]

Jim Blake said:

ISSUE: Create a self-editor account with corresponding profile page. Create a grant for which that person is principal investigator. Log in as that self-editor. Not allowed to edit the grant.

Compare to develop branch, where the self-editor is allowed to edit the grant.

[chenejac]

Jim Blake said:

ISSUE: Create a Grant with an "awarded by" (faux property) organization. Change publish permission on "awarded by" to be publishable by Site Admins.

Login as site admin and ask for the RDF for the Grant. "Awarded by" property is not present.

Login as root and ask for the RDF for the Grant. "Awarded by" property is present

Compare to develop branch, where the Admin can see the published property.

[chenejac]

Andrew Woods said:

Pending response to code review comments.

[chenejac]

Mike Conlon said:

Draft document has been started here. https://docs.google.com/document/d/1w1YtDtoQgFirFZeHOB2YsiK3YbnibqzO2R5DHS5RSZA/edit?usp=sharing  Please add comments, things you'd like to see, errors I may have made in description or presentation.

[chenejac]

Jim Blake said:

ISSUE: The code shows an ambiguous attitude toward permissions that would permit the  Public to update entities.
The GUI doesn't allow the user to create such a permission, nor will the profile display honor such a permission.
However, permission_entities.n3 contains these permissions, and AuthMigrator creates these permissions during migration.

[chenejac]

Andrew Woods said:

Pending response to code review issues documented in the GitHub pull-requests and in this JIRA ticket (marked as "ISSUE").

[chenejac]

Andrew Woods said:

In order to facilitate more collaboration on this ticket, the existing pull-requests (vivo-85 & vitro-80) have been pushed to the following branches:
https://github.com/vivo-project/Vitro/tree/wip-vivo-1436
https://github.com/vivo-project/VIVO/tree/wip-vivo-1436

[chenejac]

Andrew Woods said:

Related documentation: https://wiki.duraspace.org/display/VIVO/Advanced+role+management

[chenejac]

Andrew Woods said:

Follow-on PRs addressing code review comments:

• Address code review comments Vitro#94
• [VIVO-1436] Address code review comments on PR #85 #95