From: marcin.slusarczyk
Date: March 2 2004 11:37am
Subject: roles and permissions
List-Archive: http://lists.mysql.com/eventum-devel/6
Message-Id: <OF918BFCD1.A57827AD-ONC1256E4B.00396F57-C1256E4B.00401EA0@seinf.abb.se>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="=_alternative 00401E9AC1256E4B_="

--=_alternative 00401E9AC1256E4B_=
Content-Type: text/plain; charset="us-ascii"

Czesc,

1. Is anywhere available specification of roles permissions? 

2. There is wrong way of determining who is allowed to do something I have 
added one role and without any other modifications this role has access to 
clock-in time, attaching files and many others. We should create a table 
with roles and permissions. And keep it for everybody information. 

I prefer one way permission. I mean if you have permision you get access. 
I see in code that there is also denny. For example if you are manager you 
cannot set administrator role. It should not be like this. If you are 
administrator you are allowed to set administrator role. If you are 
manager you are allowed to set : manager, viewer, reporter and some other 
roles. 
I prefer to explicitly define what roles can manager assign (not: every 
role except administrator).

3. I want to create role 'customer'. He is able to :
- view issues, but not full view. Only overview, details, files.
- create issues (but different template. Only: category, priority, 
summary, description, attach file, notification options)
- no other fuctions.

4. Roles per project would be nice, but it is too big architectural change 
right now. .

Marcin Slusarczyk
--=_alternative 00401E9AC1256E4B_=--