You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I find that if I allow a user to sign up for an account, they get to pick their department, and they see all possible departments. This is not good. There should be controls over which departments they can join on signing up. When a user who has just created an account does succeed in logging in, they can then edit their profile. In the profile editing page, they are not able to change their department, and this is good. But it is inconsistent that they can pick from any department on creating an account, vs what they can do when editing their profile after successfully logging in.
My use case:
-- I have two departments: Public and HR. I want any user in the HR department to be able to Read any document assigned to the HR department. If a user is not in the HR department, I want them to be able to see what documents exist (i.e. have View permissions to the documents) but not Read them (i.e not have Read permissions to them).
-- Documents are assigned View permissions for members of the Public department, and Read permissions for members of the HR department.
-- I want users to be able to create accounts, but I don't want them to Read any documents until an admin has put the user into the proper department. So I want users to initially be in the Public department, and then an admin would move the user to the HR department after validating their newly created account
Currently, the only way I can restrict the documents a new user can Read (if the user can put themselves into the HR department when creating a new account) is to assign a User Permission for Read for each existing document. I would prefer to manage permissions through Department Permissions.
I assume a simple patch to the "Create new account" screen that removes the department picker, and instead sets a new user's department to null or something generic like "new user department", would solve my use case and this issue
Thanks for considering
The text was updated successfully, but these errors were encountered:
Hi. Nice application!
I find that if I allow a user to sign up for an account, they get to pick their department, and they see all possible departments. This is not good. There should be controls over which departments they can join on signing up. When a user who has just created an account does succeed in logging in, they can then edit their profile. In the profile editing page, they are not able to change their department, and this is good. But it is inconsistent that they can pick from any department on creating an account, vs what they can do when editing their profile after successfully logging in.
My use case:
-- I have two departments: Public and HR. I want any user in the HR department to be able to Read any document assigned to the HR department. If a user is not in the HR department, I want them to be able to see what documents exist (i.e. have View permissions to the documents) but not Read them (i.e not have Read permissions to them).
-- Documents are assigned View permissions for members of the Public department, and Read permissions for members of the HR department.
-- I want users to be able to create accounts, but I don't want them to Read any documents until an admin has put the user into the proper department. So I want users to initially be in the Public department, and then an admin would move the user to the HR department after validating their newly created account
Currently, the only way I can restrict the documents a new user can Read (if the user can put themselves into the HR department when creating a new account) is to assign a User Permission for Read for each existing document. I would prefer to manage permissions through Department Permissions.
I assume a simple patch to the "Create new account" screen that removes the department picker, and instead sets a new user's department to null or something generic like "new user department", would solve my use case and this issue
Thanks for considering
The text was updated successfully, but these errors were encountered: