On 4/25/06, Martijn Faassen <[EMAIL PROTECTED]> wrote: > Tom Hoffman wrote: > > We've had a difficult time figuring out how to even diagram all the > > permissions in SchoolTool. I finally feel like I've got a reasonable > > start on it. See the attached .pdf. Before I spend hours on each > > individual action, I'd like some feedback on if this seems like a > > reasonable approach. > > > > A few notes: > > > > * green means the action is allowed > > * red means it is not > > * yellow means it should be site configurable > > * grey means the action is impossible in this context > > I'm not sure I understand the table; I think I have some trouble reading it. > > Evidently students and parents are allowed to do 'edit person info', but > teachers and staff members are only configurably allowed to do this. > What does that mean? How are they allowed to edit person info while not > being allowed to view it? > > (is the 'edit personal info' column just wrong or something?)
Indeed. It was just wrong. > Could you give a few examples of rules that follow from this table? > > The somewhat implicit notion of relationship and self worries me somewhat. > > For some permissions it makes sense; presumably self-adults can change > their own passwords (I'd be wary of using the word 'adult' by the way - > adult students exist. self-staff and self-parent might work better, and > allows for some differentiation which may be necessary). Site managers > can however manipulate anyone's password. > > But for 'view students names', I can't figure out the meaning of > 'self-student'. Why is self-student allowed to 'view students' name'? > Shouldn't that be greyed out? I originally had these blank, then I changed my mind, but I think you're right, that these columns should only be colored when they are specifically meaningful. > Some permissions are about individuals (personal data, like a password), > and some permissions are global (ability to see the list of students, > ability to add a student). Yes, this is one reason that it has taken me two years to even try to do this. Is it useful anyhow? Should there be two tables? > According to the table, someone with the pupil relationship (could that > be named perhaps something like "classmate", or even "sectionmate"?) > cannot see personal information, but someone with the instructor > relationship can. But then pupils are allowed to edit each other's > personal information? You're right that that's a bug in the table. > And self-adults are allowed to add/delete people? Does it make sense for > the self-relationship to do anything of the sort? No, it doesn't. It probably should be blank anyhow. > Perhaps we're being a bit early with this table, as I encapsulated rules > in prose before and now I have a lot of trouble understanding the table. Actually, I think you've mostly just found some specific bugs in the table. --Tom _______________________________________________ Schooltool mailing list [email protected] http://lists.schooltool.org/mailman/listinfo/schooltool
