green = works as expected and agreed upon | red = does NOT work as expected and agreed upon | yellow = unsure | |||||
Consensus vs. Needs Confirmaton | Behavior | Access Role |
| Expected to work based on description for Collections | Works now for Admin Sets | Expected to work based on description for Admin Sets | Comments |
---|---|---|---|---|---|---|---|
Impacting collections/adminsets | |||||||
edit_access in solr_doc to collection/adminset | manager | YES | manager can modify collection metadata | YES | manager can edit the set metadata, participants, and release and visibility settings | ||
depositor | NO | NO | |||||
viewer | NO | NO | |||||
read_access in solr doc to collection/adminset | manager | NO | NO | ||||
depositor | NO | depositor can view the collection | NO | ||||
viewer | YES | NO | |||||
access to collection/adminset index | manager | YES | YES | ||||
depositor | NO | depositor can view the collection | NO | ||||
viewer | NO | NO | |||||
create collection/adminset | manager | SORT OF | YES | For collections, who can create collections of a particular type is limited to collection type managers and creators. | |||
depositor | NO | NO | |||||
viewer | NO | NO | |||||
delete collection/adminset | manager | YES | manager delete the collection | YES | |||
depositor | NO | NO | |||||
viewer | NO | NO | |||||
access to collection/adminset show page | manager | YES | YES | ||||
depositor | NO | depositor can view the collection | NO | ||||
viewer | NO | NO | |||||
access to collection/adminset edit page | manager | YES | manager can modify collection metadata | YES | manager can edit the set metadata, participants, and release and visibility settings | ||
depositor | NO | NO | |||||
viewer | NO | NO | |||||
add works to collection/adminset | manager | YES | YES | ||||
depositor | YES | YES | depositor can add new works to this administrative set | ||||
viewer | NO | NO | |||||
remove works from collection/adminset | manager | YES, IF | NO | YES IF requires_membership? false NO IF requires_membership? trueNOTE: Admin sets has requires_membership == true | |||
depositor | ? | ? | |||||
viewer | NO | NO | |||||
move works between collection/adminset | manager | YES | YES | YES when moving between collections of the same type YES when moving between different collection types IF requires_membership? false | |||
depositor | |||||||
viewer | |||||||
Consensus vs. Needs Confirmaton | Behavior | Access Role |
| Expected to work based on description for Collections | Works now for Admin Sets | Expected to work based on description for Admin Sets | Comments |
Impacting works | |||||||
edit_access in solr_doc to new works | manager | manager can edit work metadata | |||||
depositor | |||||||
viewer | |||||||
read_access in solr doc to collection/adminset | manager | ||||||
depositor | |||||||
viewer | |||||||
All other access to works is based on the edit and read access grants and is controlled by the standard abilities process. |
For Admin Sets:
permission_ template_ access | admin set solr doc | ability: can? create_in_adminset | can access through UI via Dashboard → Administrative Sets | work solr doc | comments |
---|---|---|---|---|---|
Definition on participants tab: Managers of this administrative set can
NOTE: Manager is granted access to works and their files only FOR WORKS CREATED AFTER USER BECAME MANAGER Additional things a manager can do not specifically mentioned in the definition
| Any differences from Collections? (checked if same)
| ||||
:manage | edit_access | true | YES | edit_access | Admin user creating the admin set is not given edit_access as a user until a manager is added. This does not have much of an impact as the user is part of the admin group and gets access through that group. |
Depositors of this administrative set can
| |||||
:deposit | N/A | true | NO | Access to works are granted only for works the user creates. | |
Viewers of this administrative set can
Additional functionality expected not directly mentioned in the definition
| |||||
:view | N/A | false | NO | read_access | The user is NOT given read access to the admin set and therefore cannot view the admin set through the UI. |
For Collections:
permission_ template_ access | definition in UI | collection solr doc | ability: can? create_in_collection | work solr doc | comments |
---|---|---|---|---|---|
Managers of this collection can
| |||||
:manage | edit_access | true | edit_access | admin is always a manager | |
:deposit | Depositors of this collection can
| read_access | true | access to works are granted only for works the user creates | |
:view | Viewers of this collection can
| read_access | false | read_access |
NOTE: There is a difference in definitions and in read_access set on admin_sets and collections for depositors and viewers. I would propose that Admin Sets use the same behavior as collections. This change will results in Depositors and Viewers being able to view the admin show page of the admin set AND see them listed in Managed Collections tab in Dashboard → Collections.
This makes sense for viewers since they must have some special connection with the admin set to be able to see works in it even when they are embargoed or private. This can make sense for depositors when there are multiple admin sets being used for organization.
My concern is for the special case of a site using a default admin set because they have to. Users must be able to deposit in it. In this case, the default admin set is the full set of all works in the repository. It does not make sense for users to view the show page for that admin set or see it in Managed Collections.