Project

General

Profile

Requirement #795

(Requirement) System must support revocation of user permissions

Added by Mark Servilla over 13 years ago. Updated over 13 years ago.

Status:
New
Priority:
High
Assignee:
Category:
Requirement
Target version:
-
Start date:
Due date:
% Done:

0%


Description

The system should be able to revoke any user's permissions and, ultimately, their direct access to the system, if the user is misbehaving within the system.

Although it is unclear as to who assigns permissions, I believe that the final responsibility and authority for access control is the DataONE administrator. As such, permissions and simple access to any part of the DataONE infrastructure, and perhaps member node infrastructure that is accessed through DataONE, should be revokable.

Fit Criteria

  • Administrator can change permissions for a user for any object
  • Permission changes are propagated through the system within XXX seconds
  • Read, write access rules can be altered for a user for all content in the system

Also available in: Atom PDF

Add picture from clipboard (Maximum size: 14.8 MB)