Opened 8 years ago
Last modified 8 years ago
#2034 closed enhancement
New permission for annotating items — at Version 1
Reported by: | Nicklas Nordborg | Owned by: | Nicklas Nordborg |
---|---|---|---|
Priority: | major | Milestone: | BASE 3.10 |
Component: | core | Version: | |
Keywords: | Cc: |
Description (last modified by )
Currently WRITE permission is required on an item to be able to modify any properties and annotations. It would be nice to be able to separate the editing of regular properties from editing annotations. Introducing a new permission level, ANNOTATE, might be a possible solution. The new permission should sit between READ and WRITE (USE is already here but they should be independent).
A user with ANNOTATE permission would then be able to modify annotations but not regular properties. It would also be possible to control which annotations the user can modify and which should be read-only by setting permissions on the annotation type (requires that #2033 is fixed so that the annotation type permission is checked).
After thinking a bit about this I think we should be able to re-use the existing RESTRICTED_WRITE permission. It is a hidden permission that is only used for User items so that a user may change some parts of their own data (such as password, email, etc) but not quota, group or role membership (which require full WRITE permission).
The RESTRICTED_WRITE permission currently implies USE permission but it should be safe to remove that connection since it is not used on user items.
Change History (1)
comment:1 by , 8 years ago
Description: | modified (diff) |
---|---|
Owner: | changed from | to
Status: | new → assigned |