...
green = works as expected and agreed upon | red = does NOT work as expected and agreed upon | yellow = unsure | |||||
Consensus vs. Needs Confirmaton | Behavior | Access Role |
| Expected to work based on description for Collections | Works now for Admin Sets | Expected to work based on description for Admin Sets | Comments |
---|---|---|---|---|---|---|---|
Impacting collections/adminsets | |||||||
edit_access in solr_doc to collection/adminset | manager | YES | manager can modify collection metadata | YES | manager can edit the set metadata, participants, and release and visibility settings | ||
depositor | NO | NO | |||||
viewer | NO | NO | |||||
read_access in solr doc to collection/adminset | manager | NO | NO | ||||
Should depositors have read access? | depositor | NO | depositor can view the collection | NO | For collections, I believe depositor SHOULD be given read_access. For admin_sets. I believe depositor SHOULD NOT be given read_access. Or perhaps make it optional. Rationale - You wouldn't want the default_admin_set to grant read_access to all depositors b/c that may include all logged in users which holds all works. | ||
viewer | YES | NO | |||||
access to collection/adminset index | manager | YES | YES | ||||
depositor | NO | depositor can view the collection | NO | ||||
viewer | NO | NO | |||||
create collection/adminset | manager | SORT OF | YES | For collections, who can create collections of a particular type is limited to collection type managers and creators. | |||
depositor | NO | NO | |||||
viewer | NO | NO | |||||
delete collection/adminset | manager | YES | manager delete the collection | YES | |||
depositor | NO | NO | |||||
viewer | NO | NO | |||||
access to collection/adminset show page | manager | YES | YES | via :edit access to the collection | |||
depositor | NO | depositor can view the collection | NO | PROPOSED change to YES-- via :read access to the collection | |||
viewer | NO | NO | PROPOSED change to YES -- via :read access to the collection | ||||
access to collection/adminset edit page | manager | YES | manager can modify collection metadata | YES | manager can edit the set metadata, participants, and release and visibility settings | ||
depositor | NO | NO | |||||
viewer | NO | NO | |||||
add works to collection/adminset | manager | YES | manager can add to and remove works from the collection | YES | |||
depositor | YES | depositor can add works to to the collection | YES | depositor can add new works to this administrative set | |||
viewer | NO | NO | |||||
remove works from collection/adminset | manager | YES, IF | manager can add to and remove works from the collection | NO | YES IF requires_membership? false NO IF requires_membership? trueNOTE: Admin sets has requires_membership == true Minimally, manager has to be a manager/depositor to both collections | ||
depositor | ? | ? | Minimally, manager has to be a manager/depositor to both collections | ||||
viewer | NO | NO | |||||
move works between collection/adminset | manager | YES | manager can add to and remove works from the collection | YES | YES when moving between collections of the same type YES when moving between different collection types IF requires_membership? false Minimally, manager has to be a manager/depositor to both collections | ||
depositor | ? | ? | Minimally, depositor has to be a manager/depositor to both collections | ||||
viewer | NO | NO | |||||
Consensus vs. Needs Confirmaton | Behavior | Access Role |
| Expected to work based on description for Collections | Works now for Admin Sets | Expected to work based on description for Admin Sets | Comments |
Impacting works | |||||||
edit_access in solr_doc to new works | manager | YES | manager can edit work metadata | YES | manager can edit work metadata | Applied at create time when a work is created in just one collection. Admin set participants are applied every time a work is created. Collection and admin set permissions are additive. | |
depositor | NO | NO | |||||
viewer | NO | NO | |||||
read_access in solr doc to collection/adminset | manager | NO | NO | ||||
depositor | NO | depositor can view the collection | NO | ||||
viewer | YES | viewer can view it even if the visibility permissions of the collection otherwise would not permit them to view it | YES | viewer can view works in the set regardless of the visibility settings applied to the work | Applied at create time when a work is created in just one collection. Admin set participants are applied every time a work is created. Collection and admin set permissions are additive. | ||
All other access to works is based on the edit and read access grants and is controlled by the standard abilities process. |
For Admin Sets:
permission_ template_ access | admin set solr doc | ability: can? create_in_adminset | can access through UI via Dashboard → Administrative Sets | work solr doc | comments |
---|---|---|---|---|---|
Definition on participants tab: Managers of this administrative set can
NOTE: Manager is granted access to works and their files only FOR WORKS CREATED AFTER USER BECAME MANAGER Additional things a manager can do not specifically mentioned in the definition
| Any differences from Collections? (checked if same)
| ||||
:manage | edit_access | true | YES | edit_access | Admin user creating the admin set is not given edit_access as a user until a manager is added. This does not have much of an impact as the user is part of the admin group and gets access through that group. |
Depositors of this administrative set can
| |||||
:deposit | N/A | true | NO | Access to works are granted only for works the user creates. | |
Viewers of this administrative set can
Additional functionality expected not directly mentioned in the definition
| |||||
:view | N/A | false | NO | read_access | The user is NOT given read access to the admin set and therefore cannot view the admin set through the UI. |
...