Permissions
Arman Frasier edited this page Apr 17, 2018 · 3 revisions
This application is still in development; group names and permission structures are subject to change and are not final.

Group Name | Description | Permitted Actions |
---|---|---|
superuser | Superuser account | All actions; Add users to groups |
bidcycle_admin | The administrator for all bidcycles | Create and Edit BidCycles; Add and remove positions from bidcycles |
feedback_editors | Users who can access the administrative portion of the feedback mechanism | View, Delete, and export user feedback |
glossary_editors | Users who can access the glossary editing features | View, Create, and Edit glossary items |
bureau_ao | Users who have been defined as a bureau ao | No special permissions - this role comes with a specific bureau role |
bureau_ao_XXXXXX | Bureau AO for Bureau with org code XXXXXX | Can specify permissions owned by the bureau as service needs |
post_editors_XXX | User with permission to edit post with database id XXX | Can edit capsule descriptions for positions located at post with id XXX |

To grant permissions to a user, the granting user must be a member of the group `superuser`. They can then use the API's permission endpoints to manage permissions.

Additionally, users with physical access to the application server can run the management command `modify_group {add|remove} <EMAIL> <groupname>` to add or remove the user with the specified e-mail address from the specified group. (NOTE: When using ADFS, the user must have accessed the site at least once to ensure their user account has been created.)

Method | Endpoint | Description |
---|---|---|
GET | /api/v1/permission/group/ | List all available permission groups |
GET | /api/v1/permission/group/{id}/ | Return specified group details (such as name, description, included permissions) |
GET | /api/v1/permission/group/{id}/user/{user_id}/ | Check if a user_id is a member of the group specified by id |
PUT | /api/v1/permission/group/{id}/user/{user_id}/ | Add user_id to the group specified by id |
DELETE | /api/v1/permission/group/{id}/user/{user_id}/ | Remove user_id from the group specified by id |
GET | /api/v1/permission/user/{user_id}/ | Check the permissions for user_id specified |
GET | /api/v1/permission/user/ | Check the accessing user's permissions |
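
Because the scoped groups in the first table carry their scope in the group name (`bureau_ao_XXXXXX`, `post_editors_XXX`), a membership review can parse the name to see who holds `superuser`, which bureau or post each scoped grant covers, and which names match no documented group. The following is an added example, not code from this project; the function names, the sample data, and the assumed formats (alphanumeric org code, decimal post id) are assumptions, and the (email, group) pairs are assumed to have been collected separately.

```python
import re
from collections import defaultdict

# Fixed group names from the group table on this page.
GLOBAL_GROUPS = {"superuser", "bidcycle_admin", "feedback_editors",
                 "glossary_editors", "bureau_ao"}

# Scoped group patterns from the same table. Assumptions: the org code is a
# non-empty alphanumeric token and the post database id is decimal.
SCOPED_PATTERNS = {
    "bureau_ao": re.compile(r"bureau_ao_([A-Za-z0-9]+)"),
    "post_editors": re.compile(r"post_editors_([0-9]+)"),
}


def parse_group(name):
    """Return (role, scope) for a documented group name, else None."""
    if name in GLOBAL_GROUPS:
        return (name, None)
    for role, pattern in SCOPED_PATTERNS.items():
        match = pattern.fullmatch(name)  # fullmatch rejects trailing junk
        if match:
            return (role, match.group(1))
    return None


def review_memberships(memberships):
    """Summarise (email, group) pairs for a least-privilege review."""
    report = {"superusers": [], "scoped": defaultdict(list), "unrecognised": []}
    for email, group in memberships:
        parsed = parse_group(group)
        if parsed is None:
            report["unrecognised"].append((email, group))
        elif parsed[0] == "superuser":
            report["superusers"].append(email)  # can add users to any group
        elif parsed[1] is not None:
            report["scoped"][email].append(parsed)
    return report


# Constructed sample data, not taken from a real deployment.
SAMPLE = [
    ("admin@example.com", "superuser"),
    ("ao@example.com", "bureau_ao"),
    ("ao@example.com", "bureau_ao_120000"),
    ("editor@example.com", "post_editors_42"),
    ("editor@example.com", "post_editors_"),
    ("temp@example.com", "superusers"),
]
```

Calling `review_memberships(SAMPLE)` lists `admin@example.com` as the only superuser and reports the two malformed names (`post_editors_` and `superusers`) as unrecognised.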