Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Problem: Package deletion requires Storage Service login #1486

Closed
5 tasks
sromkey opened this issue Aug 3, 2021 · 1 comment
Closed
5 tasks

Problem: Package deletion requires Storage Service login #1486

sromkey opened this issue Aug 3, 2021 · 1 comment
Assignees
@sevein
Labels
Status: review The issue's code has been merged and is ready for testing/review. Type: feature New functionality.
Milestone
SS 0.19.0

Comments

@sromkey
Copy link
Contributor

sromkey commented Aug 3, 2021

Please describe the problem you'd like to be solved
To complete the deletion of a package, a Storage Service user needs to approve a deletion request that came from the dashboard or an API request. While this isn't problematic in some environments, in others, Storage Service accounts are limited due to the technical nature of the application.

Describe the solution you'd like to see implemented
We'd like to have a Storage Service user who only has access to the Packages tab of the Storage Service interface. This user should be able to do all functionality currently available on the Packages tab, but be restricted from all other tabs.

Describe alternatives you've considered
We also considered adding permissions to Archivematica to allow deletion approval from there, which we would not rule out as a future iteration.

For Artefactual use:

Before you close this issue, you must check off the following:

  • All pull requests related to this issue are properly linked
  • All pull requests related to this issue have been merged
  • A testing plan for this issue has been implemented and passed (testing plan information should be included in the issue body or comments)
  • Documentation regarding this issue has been written and merged
  • Details about this issue have been added to the release notes
@sromkey sromkey added Status: refining The issue needs additional details to ensure that requirements are clear. Type: feature New functionality. triage-release-1.13 labels Aug 3, 2021
@sevein sevein mentioned this issue Nov 1, 2021
Merged
@sevein sevein added this to the 1.14.0 milestone Nov 1, 2021
@sevein sevein added Status: in progress Issue that is currently being worked on. and removed Status: refining The issue needs additional details to ensure that requirements are clear. labels Nov 1, 2021
@sallain
Copy link
Member

sallain commented Jan 11, 2022
edited

This is looking good! These are the things that I tested:

  • Admin, manager, and reviewer users can delete packages
  • Reader users cannot delete packages
  • Admins have all functionality, as in previous versions
  • Managers have all functionality except the ability to create/edit users
  • Reviewers cannot create new or edit pipelines/spaces/locations or create/edit users

I made a little permissions matrix that we may want to include in documentation in the future.

permissions-matrix

I have not tested:

  • Performing any of the above via the API

As @sevein has noted, the release notes should include an advisory to users about how this permissions change affects existing users:

Existing authenticated users will receive all permissions with the exception of user management (e.g. they will become manager users)
Existing admin users should just stay as they are (superusers have access to all the things)

@sevein and @sromkey let me know if there is anything else I should look at!

@sevein sevein added Status: review The issue's code has been merged and is ready for testing/review. and removed Status: in progress Issue that is currently being worked on. labels Jan 15, 2022
@sevein sevein self-assigned this Jan 15, 2022
@sromkey sromkey modified the milestones: 1.14.0, SS 0.19 Jan 18, 2022
sallain added a commit to artefactual/archivematica-storage-service-docs that referenced this issue Feb 28, 2022
@sallain
Adds user roles
a0997cc 
I've updated the Users section of the Admin page to include information
about user roles as per archivematica/Issues#1486
@sallain sallain mentioned this issue Feb 28, 2022
Merged
sallain added a commit to artefactual/archivematica-storage-service-docs that referenced this issue Feb 28, 2022
@sallain
Add user roles (#50)
7876267 
* Adds user roles

I've updated the Users section of the Admin page to include information
about user roles as per archivematica/Issues#1486

* Added line about email notifications
@sallain sallain closed this as completed Mar 1, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sevein sevein

Labels
Status: review The issue's code has been merged and is ready for testing/review. Type: feature New functionality.
Projects
None yet
Milestone
SS 0.19.0
Development

No branches or pull requests
3 participants
@sevein @sallain @sromkey