-
Notifications
You must be signed in to change notification settings - Fork 75
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
As an admin user, I want to be able to change the roles of other staff and admin users #615
Comments
@kasugaijin Can admin bump other admin down to staff? |
Yes we only have the two roles (admin and staff) at the moment. So an admin can bump another down to staff. We toyed with the idea of super admin but don’t see it as necessary for MVP. Generally an org owner is only going to give admin status to someone they trust to do that role properly so shouldn’t be an issue. |
@kasugaijin I think we can close this issue or need to change it up. In regards to the above, I don't think admin are actually currently able to change roles. At least, I don't recall myself implementing any role interactions for users. They are able to deactivate each other, which is maybe what you meant. Do we want to implement the ability for admins to change roles directly? Currently, the only way to change roles is via the console. |
@mononoken i think ideally admin do have the ability to change role. The thinking behind it was to allow others to take on admin roles in the future if current admins are leaving the org. This will require additional auth policy won’t it? |
Ah okay I misunderstood. Yes, we would definitely want to setup a policy for these actions however we decide to implement it. |
@mononoken thanks for the clarification. I have updated the ticket description. It could be split into two tasks, but it's also a doable chunk of work for someone experienced (cough cough Githubbers 👯 ) |
@kasugaijin, I think we can move this issue back to ready. Is that correct? I think one thing that would be good to add to the requirements is some kind of visual to confirm with the user that the select change was registered. That would also help alert a user if they accidentally changed a select. I think a flash would be fine for that. |
@mononoken yes you’re right we can move this to ready. I agree with the user notification. |
I can work on this. |
thanks @jmilljr24 |
Admin users should be able to change the role of other staff between
staff
andadmin
for their organization.Acceptance Criteria
Backend
UserRolesController
(scoped under Organization) with separate actions (and routes) for changing roles on another User e.g., if I am changing a role fromstaff
toadmin
we have an action that will delete thestaff
role on the user and create anadmin
role on the user, and another action for the opposite. Each request should be authorized.UserRolePolicy
that has the general pre-checks (org and active staff) and checks the User making the request is an admin (i.e. has Admin role, and the Admin permissions include a new permissionchange_user_role
. The policy should also prevent a user from making the request on themself (seeStaffAccountPolicy
for reference).UI
The text was updated successfully, but these errors were encountered: