#2075: Handling roles
-----------------------+-----------------------
Reporter: cvvergara | Owner: webcom@…
Type: task | Status: new
Priority: normal | Milestone: Unplanned
Component: WebSite | Keywords:
-----------------------+-----------------------
The website has different roles.
The default role when a person gets registered is:
subscriber
Besides the capability of "Read"
I think can modify his own member page. (not sure, someone has to test)
How are we going to assign the different roles?
Are they going to send a mail to SAC? open a ticket? when they request a
role change?
Maybe if they belong to a project, they request the role change to the
project's responsible persons for changing roles?
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2075>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2075: Handling roles
-----------------------+------------------------
Reporter: cvvergara | Owner: webcom@…
Type: task | Status: new
Priority: normal | Milestone: Unplanned
Component: WebSite | Resolution:
Keywords: |
-----------------------+------------------------
Comment (by robe):
We can change the default though. When I setup LDAP, it allowed me to
change the default role of a person registered via LDAP. Since we are
only allowing LDAPs (no more allowing registration on the website) and
grandfathered accounts to log in, it's way more vetted than having some
random user off the internet registering on the website. So we can be
less cautious.
Some pages clearly need admin roles like Sponsors page. I'm not sure
people are that concerned about an LDAP user defacing a project page for
example, so not sure those need to be protected as much.
There is also the possibility of controlling role based on LDAP groups,
I'm not sure the WPAuthDir has that out of the box, but I don't think it
would be too hard to extend it if it doesn't or have a sideline PHP script
that does the job.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2075#comment:1>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2075: Handling roles
-----------------------+------------------------
Reporter: cvvergara | Owner: webcom@…
Type: task | Status: new
Priority: normal | Milestone: Unplanned
Component: WebSite | Resolution:
Keywords: |
-----------------------+------------------------
Comment (by jive):
Okay, I think that will make this initial roll out easier. And as you say
we can mark some pages (sponsorship, committees) as requiring additional
access.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2075#comment:2>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2075: Handling roles
-----------------------+------------------------
Reporter: cvvergara | Owner: webcom@…
Type: task | Status: new
Priority: normal | Milestone: Unplanned
Component: WebSite | Resolution:
Keywords: |
-----------------------+------------------------
Comment (by robe):
forgot to mention I had already changed this cause too many people coming
to me saying they couldn't edit. I'm not sure even subscriber gives you
much control over your user page.
So default right now is editor.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2075#comment:3>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2075: Handling roles
-----------------------+------------------------
Reporter: cvvergara | Owner: webcom@…
Type: task | Status: new
Priority: normal | Milestone: Unplanned
Component: WebSite | Resolution:
Keywords: |
-----------------------+------------------------
Comment (by robe):
I switched default back to subscriber.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2075#comment:4>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2075: Handling roles
-----------------------+------------------------
Reporter: cvvergara | Owner: webcom@…
Type: task | Status: new
Priority: normal | Milestone: Unplanned
Component: WebSite | Resolution:
Keywords: |
-----------------------+------------------------
Comment (by jive):
Thanks:
So to avoid SAC being a bottleneck on edit access - let's promote the
following people to administrator so they can provide access for their
respective communities.
1) board members
- board members can provide access for external relationships (partners
and service providers)
- board members can provide access for internal relationships (initiative
participants)
2) officers
- committee chairs can provide access for committee members
- project officers can provide access to their project steering committee
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2075#comment:5>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2075: Handling roles
-----------------------+------------------------
Reporter: cvvergara | Owner: webcom@…
Type: task | Status: new
Priority: normal | Milestone: Unplanned
Component: WebSite | Resolution:
Keywords: |
-----------------------+------------------------
Comment (by jive):
I have updated Astrid's credentials so she can help manage board member
access.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2075#comment:6>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2075: Handling roles
-----------------------+------------------------
Reporter: cvvergara | Owner: webcom@…
Type: task | Status: new
Priority: normal | Milestone: Unplanned
Component: WebSite | Resolution:
Keywords: |
-----------------------+------------------------
Comment (by cvvergara):
Adding roles:
* "Incubator" that allows:
* Create, edit, publish and delete a project page
* "Project PSC" that allows:
* Create and edit a project page
So, for example:
A new project enters incubation then the "Project PSC" members of the
project get the role so that they can build up their project page
Once its ready the "Incubator" gives the approval by publishing it.
(comunication with Incubation maillist to ask for the approval would be
needed)
what this does not cover:
"Project PSC" can edit projects that don't belong to them.
But the changes don't get published until Incubator publishes them.
(comunication with Incubation maillist to ask for the approval would be
needed)
What is expected:
Maybe at the beginning projects want to refine they project page, but once
its ready changes would be seldom.
Who gets "Incubator" role: Incubation committee
Who gets "Project PSC" role: projects PSC members
Jody and me experimented on the Incubator role
I experimented on the Project PSC role
So only "Incubator" and "Project PSC" can create a valid project page.
Just tested that some other roles can publish projects 
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2075#comment:7>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2075: Handling roles
-----------------------+------------------------
Reporter: cvvergara | Owner: webcom@…
Type: task | Status: new
Priority: normal | Milestone: Unplanned
Component: WebSite | Resolution:
Keywords: |
-----------------------+------------------------
Comment (by jive):
cvvergara and myself implemented the above, opting to go for "Projects
Author" and "Projects Editor" (rather than specifically tie roles to
incubation committee, or marketing committee, or board or ....
The results are written up here: [[website roles]]
Next we need a plan to tell people about these roles, and give "editor"
roles to the appropriate members.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2075#comment:8>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2075: Handling roles
-----------------------+------------------------
Reporter: cvvergara | Owner: webcom@…
Type: task | Status: new
Priority: normal | Milestone: Unplanned
Component: WebSite | Resolution:
Keywords: |
-----------------------+------------------------
Comment (by jive):
While you can restrict website access by role, you can not restrict
editing by role.
I was hoping to make it so GeoForAll Editors could edit the GeoForAll
pages. As it is we will need to let GeoForAll Editors edit all pages.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2075#comment:9>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2075: Handling roles
-----------------------+------------------------
Reporter: cvvergara | Owner: webcom@…
Type: task | Status: new
Priority: normal | Milestone: Unplanned
Component: WebSite | Resolution:
Keywords: |
-----------------------+------------------------
Comment (by jive):
It looks like some of the roles have changed names on me?
- projects editor ---> incubation committee?
- project author --> project steering committee (not all projects have a
steering committee)
Please advise?
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2075#comment:10>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2075: Handling roles
-----------------------+------------------------
Reporter: cvvergara | Owner: webcom@…
Type: task | Status: closed
Priority: normal | Milestone: Unplanned
Component: WebSite | Resolution: fixed
Keywords: |
-----------------------+------------------------
Changes (by jive):
* status: new => closed
* resolution: => fixed
Comment:
Roles are documented here: https://wiki.osgeo.org/wiki/Website
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2075#comment:11>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.