Project

General

Profile

Requirement #391

(Requirement) Enable different classes of users commensurate with their roles.

Added by Dave Vieglais over 11 years ago. Updated about 11 years ago.

Status:
New
Priority:
High
Assignee:
Category:
Requirement
Target version:
-
Start date:
Due date:
% Done:

0%


Description

There are several types of users that will be interacting with the DataONE infrastructure, as such it is necessary to ensure that user roles can be supported by the identity management infrastructure. Closely related to https://trac.dataone.org/ticket/390

Rationale: Different user classes or groups provides an effective mechanismfor indicating the types of interaction that might be supported by the system. The alternative is to specifically assign privileges for each user - an
approach that is inefficient and potentially insecure as it is easy to miss an
individual when setting privileges for a large number of users.

Fit Criteria

  • A well defined set of standard groups is identified and can be easily manage (e.g. administrators, data contributors, data readers)

  • Users can be assigned to and removed from groups

  • Additional groups can be created to support group functions as necessary

  • Users can create their own groups for ad-hoc collaboration when needed and without approval of system administrators

  • Access control rules can be associated with groups and operate as expected.

Also available in: Atom PDF

Add picture from clipboard (Maximum size: 14.8 MB)