Details
-
Story
-
Status: Closed (View Workflow)
-
TBD
-
Resolution: Done
-
-
ERM Sprint 159, ERM Sprint 160, ERM Sprint 161, ERM Sprint 162, ERM Sprint 163, ERM Sprint 164
-
Bienenvolk
-
Poppy (R2 2023)
-
TBD
Description
It has been requested to have 'view only' permissions for settings in agreements.
The way we split down the permission for users in Agreements currently is into four parts:
- "permissionName": "ui-agreements.generalSettings.manage"
- "permissionName": "ui-agreements.picklists.manage"
- "permissionName": "ui-agreements.supplementaryProperties.manage"
- "permissionName": "ui-agreements.appSettings.manage"
For consistency we should reflect the same structure for view only:
- "permissionName": "ui-agreements.generalSettings.view"
- "permissionName": "ui-agreements.picklists.view"
- "permissionName": "ui-agreements.supplementaryProperties.view"
- "permissionName": "ui-agreements.appSettings.view" [*already exists*]
The existing 'manage' permissions rely on "settings.agreements.enabled" - which grants:
"subPermissions": [ "module.agreements.enabled", "settings.enabled", "configuration.entries.collection.get", "configuration.entries.item.put", "configuration.entries.item.post" ]
Since "settings.agreements.enabled" is not exposed directly to the user (visible=false) we can make changes here without affecting anything else. For logical consistency I would propose:
- Update settings.agreements.enabled to only include "module.agreements.enabled" and "settings.enabled"
- Add new permission settings.configuration.manage which grants "configuration.entries.collection.get", "configuration.entries.item.put", "configuration.entries.item.post"
- Add new permission settings.configuration.view which grants only "configuration.entries.collection.get"
- Update the existing ui-agreements.generalSettings.manage setting to additionally grant "settings.configuration.manage" as well as settings.agreements.enabled
- Add the three new settings "view" permissions which grant settings.agreements.enabled and, for ui-agreements.generalSettings.view also settings.configuration.view
So
ui-agreements.generalSettings.view will need:
- settings.agreements.enabled
- settings.configuration.view
ui-agreements.picklists.view will need:
- settings.agreements.enabled
- erm.refdata.view
ui-agreements.supplementaryProperties.view will need:
- settings.agreements.enabled
- erm.custprops.view
ui-agreements.appSettings.view will need:
- settings.agreements.enabled
- erm.settings.read
Also need to. check the code that displays permissions in the UI as I think we display sections in the settings based on the four "manage" permissions that exist right now. I think the best thing to do would be to replace this with a check for the new equivalent "view" permissions and then update all the "manage" permissions to have the equivalent "view" as a sub permission (the alternative would be to check for either the view OR the manage permission in the code before displaying the section in the UI)
Interested Parties: sduvvuri Anya N. Arnold ostephens
TestRail: Results
Attachments
Issue Links
- defines
-
ERM-2650 mod-agreements release. Fix version: 6.0.0 (Poppy)
-
- Closed
-
- relates to
-
ERM-2633
Add view only settings for Local KB Admin
-
- Closed
-
-
ERM-2625
Add view only permissions for License settings
-
- Closed
-
- mentioned in
-
Page Loading...
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
