-
Notifications
You must be signed in to change notification settings - Fork 21
Permissions
Arman Frasier edited this page Apr 17, 2018
·
3 revisions
This application is still in development, as such, group names and permission structures are subject to change and are not final
| Group Name | Description | Permitted Actions |
|---|---|---|
| superuser | Superuser account | All actions; Add users to groups |
| bidcycle_admin | The administrator for all bidcycles | Create and Edit BidCycles; Add and remove positions from bidcycles |
| feedback_editors | Users who can access the administrative portion of the feedback mechanism | View, Delete, and export user feedback |
| glossary_editors | Users who can access the glossary editing features | View, Create, and Edit glossary items |
| bureau_ao | Users who have been defined as a bureau ao | No special permissions - this role comes with a specific bureau role |
| bureau_ao_XXXXXX | Bureau AO for Bureau with org code XXXXXX | Can specify permissions owned by the bureau as service needs |
| post_editors_XXX | User with permission to edit post with database id XXX | Can edit capsule descriptions for positions located at post with id XXX |
To grant a user permissions, the user must be a member of the group superuser. Then, they can access the API's permissions endpoints to manage permissions
Addiontally, users with physical access to the application server can run the management command modify_group {add|remove} <EMAIL> <groupname> to add or remove a user with the specified e-mail address from the specified group. (NOTE: When using ADFS, the user must have accessed the site at least once to ensure their user account has been created)
| Method | Endpoint | Description |
|---|---|---|
| GET | /api/v1/permission/group/ | List all available permission groups |
| GET | /api/v1/permission/group/{id}/ | Return specified group details (such as name, description, included permissions) |
| GET | /api/v1/permission/group/{id}/user/{user_id}/ | Check if a user_id is a member of the group specified by id |
| PUT | /api/v1/permission/group/{id}/user/{user_id}/ | Add user_id to the group specified by id |
| DELETE | /api/v1/permission/group/{id}/user/{user_id}/ | Remove user_id from the group specified by id |
| GET | /api/v1/permission/user/{user_id}/ | Check the permissions for user_id specified |
| GET | /api/v1/permission/user/ | Check the accessing user's permissions |
- Design Principles
- Content Styleguide
- Design Styleguide
- Design Sprint Workflow
- Information Architecture
- User Profiles
- Branding
- Research Strategy
- Bidder User Research
- Career Development Officer User Research
- Assignment Officer User Research
- Homepage and Filter Tests