-
Notifications
You must be signed in to change notification settings - Fork 10
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Clarify the IG action in the Leaver Checklist #4197
Comments
I think there are three types of roles. Listed from widest scope to narrowest scope, they are:
A user's global roles are displayed in the "Global Roles" section on the user role list page in Job Server's staff area (example). They are updated either by clicking the "Clear all roles" button (which also clears their project roles) or by checking the box that corresponds to the role and clicking the "Update" button. A user's organization roles are not displayed in Job Server's staff area (#4198). A user's project roles are displayed in the "Projects" section on the user role list page in Job Server's staff area (example). They are updated by either clicking the "Clear all roles" button (which also clears their global roles) or clicking each project, checking the box that corresponds to the role, and clicking the "Update member" button. Project roles are associated with project memberships. It is possible to remove (to use the language of the IG action) or to clear (to use the language of Job Server's UI) the project roles associated with a project membership by either updating or deleting the project membership. I think the project membership should be updated, not deleted. Furthermore, I think the IG action should be updated to reflect Job Server's UI. Consequently, I think the IG action should read:
|
I have double checked this and have tested this in a few ways, and I think to avoid confusion, it should be listed in the most obvious way. For example, HelenCEBM has: Core Developer, Interactive Reporter, Output Checker and Project Collaborator Global roles. However, in addition to this, she also has Project Developer roles in some, not all projects, meaning the unticking of a global role doesn't remove her project roles too. So to avoid any confusion and to guarantee full removal is met, I think the checklist should say: In Jobserver, remove global roles, backend access, and if relevant, project roles (Project Collaborator and Developer) and membership. If roles are removed from projects, update the notes in the study (at the top of the form) detailing the removal of this user. --- or something of that nature. |
I think the simplest thing for now would be to change the leavers checklist to say "In Job Server, remove all backends and remove all roles for this user", and for "remove all backends" and "remove all roles" to link to step-by-step instructions on exactly which buttons to press on what pages. Those instructions should probably live nearby to this section in the team manual. |
@LiamHart-hub and I walked through the difference between updating the roles for a membership and deleting a membership. We're going to set aside the issue of how the audit log behaves in each case, which is covered by #4201. We're going to focus on whether we want a user to be
after the user has left. At present, we can have both/neither, but not either/or. Liam is going to discuss this with the IG team. When the IG has reached a decision, we can clarify the IG action and, if necessary, update job-server. Liam and I also walked through the difference between global roles and project-level roles, noting that the former aren't audited but the latter are. However, this difference is orthogonal to this issue. |
@iaindillingham -Can we please make sure that Juliet has eyes on this too? For some reason I am unable to add her here @JulietUnderdown1 |
The Leaver Checklist contains the following IG action:
The user detail page in Job Server's staff area has a "Clear all roles" button and a "Global Roles" section, with check boxes for each of Job Server's roles (e.g. Core Developer, Interactive Reporter, Output Checker etc.). Consequently, the IG action is unclear.
@CLStables created this issue as a draft, following a Slack discussion.1 It contained two actions, which related to the Leaver Checklist and organization roles. I've created this issue from the draft, and edited it to separate the two actions into separate issues. This issue relates to the Leaver Checklist. #4198 relates to organization roles.
Footnotes
https://bennettoxford.slack.com/archives/C069SADHP1Q/p1710327352827539 ↩
The text was updated successfully, but these errors were encountered: