I would think that you should always know your OWN roles, and that in
general these should be public, but if a project had a reason to hide them
they should be able to request this.

On Thu, Jun 16, 2016 at 5:39 PM, Aaron Wolf <aa...@snowdrift.coop> wrote:

> On 06/06/2016 10:52 AM, fr33domlover wrote:
> > Hello,
> >
> > I have a slightly unrelated question, but I think the Snowdrift team has
> > experience which can help with answering the question. Lone developers are less
> > likely to know, and there's a good team here :)
> >
> > Suppose there's a web app, say Snowdrift itself or the GitLab instance, where
> > registered users are assigned roles. Each role has a set of operations, which
> > determine what you can and can't do in the system. For example, "bug reporter"
> > can open bugs but can't close them, "developer" can open and close bugs and also
> > push code commits and merge merge-requests.
> >
> > Suppose there's a single user, or perhaps 2 or 3, who are the admins of the
> > project, and they decide who gets which role. They can add and remove people
> > and change roles and operations.
> >
> > Here are 2 possible scenarios:
> >
> > 1. As a project member, you don't know which role you are assigned, and which
> >    operations are enabled for it. The project admins tell you, but there's no
> >    web page where you can see that info. It means the admins have some privacy
> >    with role management and the list of people and their roles is private too,
> >    but on the other hand there's no easy way to get the list of your roles.
> > 2. The table of roles and operations is visible to everyone. Everyone knows who
> >    are developers and bug reporters and admins etc. of the project and what they
> >    can and can't do.
> >
> > Or this:
> >
> > 3. Something in between? e.g. only project members can view roles, and other
> >    users can't? Or maybe you can view the definition of all the roles and you
> >    know which role you have, but you don't know what roles the other team
> >    members have?
> >
> > What do you think? Any feedback highly appreciated! :)
> >
> > --fr33
> >
>
> Replying late to this:
>
> I think there's no obvious solution here. There are the general concerns
> about privacy, transparency, security… I think there are cases where
> roles and permissions should be public and cases where it's problematic.
> So, from a technology standpoint, this is a situation where I think it's
> best to support both approaches or a mix. One obvious way to do that is
> to say that "seeing" one's role or permissions is itself a permission
> setting with the same level of control per-role or system-wide setting
> as other permissions.
>
>
>
>
> _______________________________________________
> Discuss mailing list
> Discuss@lists.snowdrift.coop
> https://lists.snowdrift.coop/mailman/listinfo/discuss
>
>


-- 
@@@@@@@@@@@@@@@@@@@@
@ james sheldon
@ http://www.jamessheldon.com
@ "those who fail to reread
@ are obliged to read the same story everywhere"
@ -- Roland Barthes, S/Z (1970)
@ voyager...@gmail.com

@@@@@@@@@@@@@@@@@@@@
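
The idea in the quoted reply, that seeing roles is itself a permission, together with the three scenarios from the original question, sketched as an added example that is not part of the thread or of Snowdrift's code. The operation names, the `Project` class and the sample members are assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Visibility is modelled as ordinary operations (names are assumptions).
VIEW_OWN, VIEW_DEFS, VIEW_MEMBERS = "roles.view_own", "roles.view_definitions", "roles.view_members"

@dataclass
class Project:
    role_ops: dict                                  # role name -> set of operations
    members: dict                                   # user -> role name
    public_ops: set = field(default_factory=set)    # system-wide grants, also for non-members

    def allowed(self, user, op):
        if op in self.public_ops:
            return True
        role = self.members.get(user)
        return role is not None and op in self.role_ops.get(role, set())

    def visible_assignments(self, viewer):
        """Return the {user: role} entries this viewer may see."""
        if self.allowed(viewer, VIEW_MEMBERS):
            return dict(self.members)
        if viewer in self.members and self.allowed(viewer, VIEW_OWN):
            return {viewer: self.members[viewer]}
        return {}

    def visible_definitions(self, viewer):
        """Return the role -> operations table, or nothing if it is hidden."""
        if not self.allowed(viewer, VIEW_DEFS):
            return {}
        return {role: sorted(ops) for role, ops in self.role_ops.items()}

def make_project(extra_member_ops=(), public_ops=()):
    """Constructed sample project; admins can always see everything."""
    base = {
        "reporter": {"bug.open"},
        "developer": {"bug.open", "bug.close", "code.push"},
        "admin": {"roles.assign", VIEW_OWN, VIEW_DEFS, VIEW_MEMBERS},
    }
    role_ops = {role: ops | set(extra_member_ops) for role, ops in base.items()}
    members = {"alice": "admin", "bob": "developer", "carol": "reporter"}
    return Project(role_ops, members, set(public_ops))

private = make_project()                                        # scenario 1: only admins see roles
public = make_project(public_ops=(VIEW_DEFS, VIEW_MEMBERS))     # scenario 2: visible to everyone
mixed = make_project(extra_member_ops=(VIEW_OWN, VIEW_DEFS))    # scenario 3: own role + definitions
```

Because visibility goes through the same `allowed` check as every other operation, a project that wants to hide its role table changes data, not code.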