-
Notifications
You must be signed in to change notification settings - Fork 15
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow for actions besides read/write in new ACL selector UI #1004
Comments
Thank you for coming up with this feature. We are one of the adopters that wildly use annotate and annotate-admin. :) Let's discuss this in one of our upcoming meetings. |
I thought some more about this and wanted to write down some thoughts and ideas. I would like to invite every institutions using custom actions to chime in, especially so if you feel like your use case is not being addressed here! ActionsActions that are used in the wild (that I have heard of so far):
ImplicationsThese represent what logically "makes sense". For example, it does not make sense to give someone Here are implications I can think of:
Use cases
Tobira should be configurable to properly cover all of those use cases (and more). This would mean configuring custom actions and their implications. UI Options
Screenshot for option (1): |
I suppose I would suggest going with option (1) for now. It works for every specific use case that I have heard of and should be fairly simple to implement. Only problem is that we might need to add checkboxes (i.e. hybrid) in the future for other use cases. Not sure how bad this is. But again: let me know what you think. |
Speaking for Osnabrück University, we want this to be as simple as possible. We don't want to generate a new admin interface. That's what the admin interface is for ;-) I like the dropdown best. It's true that when there are many actions and in particular many independent actions, the number of options goes up exponentially. But in that case, e.g. having a list of checkboxes would still be complex and likely not very easy to understand for non-technical end users. |
Wild idea I don't have a lot of time to consider bc my food is about to be ready: Config simply allows a list of Stray thought: Of course the disadvantage of a custom label/description is that it won't be translated. Maybe allow to configure multiple strings for different languages? But imo this problem always presents itself as soon as stuff is configurable. |
But if I had to choose between option 1 and 2, I'd prefer 1 as well, bc it requires less knowledge of the user in regards to permissions and which combinations make sense. |
@lkiesow Thanks for the feedback!
That's indeed an interesting idea! So basically that And this is just a nice extension of (1). So we could go with (1) now and add
We already have a system in place for that and many strings in the config can already be configured in multiple languages. So that's not a problem. |
Yeah, exactly!
Yaay, I was helpful. :3
Oh, that's cool! :D |
Previously, only read and write roles were transmitted. This can go into 14 as it is not a breaking change. Well, one thing changes: `ROLE_ADMIN` is not explicitly included in the event ACL anymore. But since this is not a public free-for-all API, but only used by Tobira, and since Tobira has implicit `ROLE_ADMIN` checks everywhere, this is no problem. In fact, Tobira even removes `ROLE_ADMIN` in the incoming ACL before storing it in the DB. Related issue: elan-ev/tobira#1004 ### Your pull request should… * [ ] have a concise title * [ ] [close an accompanying issue](https://help.github.com/en/articles/closing-issues-using-keywords) if one exists * [ ] [be against the correct branch](https://docs.opencast.org/develop/developer/development-process#acceptance-criteria-for-patches-in-different-versions) * [ ] include migration scripts and documentation, if appropriate * [ ] pass automated tests * [ ] have a clean commit history * [ ] [have proper commit messages (title and body) for all commits](https://medium.com/@steveamaza/e028865e5791)
Custom actions for events are now stored in DB with a new column. This is only the backend side of things, so they won't show up in the ACL UI yet. Part of #1004
Currently, only
read
andwrite
actions can be changed/set via the UI. But Opencast supports arbitrary actions. Most commonly,annotate
andannotate-admin
are used in the wild.We currently encode the assumption that "write" implies "read" access by having a drop down with only two options ("read" and "read & write"). On the one hand, we can clearly not have an option for every combination of actions. On the other hand, these actions usually do have relationships. For example, every action I can think of implies "read". Also "annotate-admin" implies "annotate". Does "write" imply "annotate-admin"? mhh.
So yeah, we need to find a nice way to include those. Make it work very well for common cases, and well enough for all other cases.
The text was updated successfully, but these errors were encountered: