View Issue Details

IDProjectCategoryView StatusLast Update
0020683mantisbtauthorizationpublic2016-03-09 18:59
Reportercproensa Assigned To 
PrioritynormalSeverityminorReproducibilityhave not tried
Status newResolutionopen 
Product Version1.3.0-rc.2 
Summary0020683: Separation of access level administrator, global from project
Description

Regarding access levels, the current model is that a user may have different access levels based on:

  • global AL
  • per project AL

The effective one is the higher of those.
Access levels are named in the context of bug managing: reporter, developer,manager, etc.
On the other hand, there are some system wide configurations that require certain AL, usually "administrator".

To me, there should be a difference between a "administrator in a project", and "global administrator".
One reasoning is that "administrator" as an entity that is not strictly related to the bug managing workflow.
Through the code, usually there is the need to differentiate if current user is either global or project administrator to allow certain things. This is cumbersome, and a risk for inconsistencies.

The global access level configuration, in my opinion, should provide the default AL for a user applicable on public projects, in the bug workflow context only.

As a proposal, a new parametrization for access level is required to determine that a user is a "system administrator".
Optionally, a set of different AL for system administration could be provided, but it must be separated from the current bug workflow access levels.

Imho, this can be a good place to start implementing authorization roles.

TagsNo tags attached.

Activities

There are no notes attached to this issue.