Imeji User Management

From MPDLMediaWiki
Jump to navigation Jump to search

Template:Imeji


Current State[edit]

  • User account creation: Only system administrators have the right to create new user accounts.
  • User can edit his own information and change his password.
  • Every registered user is an account user that has the right to create own collections.
  • One user can have as many privileges as he gets.
  • Account information is sent per email

User Roles[edit]

Label Description
System Administrator

Is allowed to work on the whole system

  • view all images, collections, metadata profiles and albums
  • view all account users
  • create/delete account users
  • delete images, collections and albums (in state private, public and discarded)
  • withdraw images, collections and albums (in state public)
Account User
  • create collections
  • create albums
  • create metadata profiles
  • inherits all rights from the Profile Editor, the Collection Administrator and the Album Administrator
Collections
Collection Administrator

Is allowed to work on one specified collection

  • define following roles for the selected collection (share functionality):
  • Collection Editor
  • Image Editor
  • Profile Editor
  • Collection Viewer
  • inherits all rights from the Collection Editor, Image Editor, Profile Editor
Collection Editor

Is allowed to work on one specified collection

  • edit collection metadata
  • upload images
  • release collection
  • delete collection (state private)
  • withdraw collection (state public)
  • inherits all rights from the Collection Viewer, the Image Editor and the Profile Editor
Collection Viewer Is allowed to view images and metadata of a private collection
Albums
Album Administrator

Is allowed to work on one specified album

  • define following roles for the selected album (share functionality):
  • Album Viewer
  • Album Editor
  • inherits all rights from the Album Editor
Album Editor

Is allowed to work on the content of one specified album

  • edit album metadata
  • release album
  • delete album (state private)
  • withdraw album (state public)
  • add pictures
  • remove pictures
  • inherits all rights from the Album Viewer
Album Viewer Is allowed to view images and metadata of a private album
Other
Image Editor

Is allowed to work on images of one specified collection

  • delete images
  • edit image metadata
  • inherits all rights from the Collection Viewer and the Profile Editor
Profile Editor

Is allowed to work on one specified metadata profile

  • edit metadata profile
  • inherits all rights from the Collection Viewer


Future Development[edit]

All actions will be defined individually, to offer a fine granular rights management.


User Actions[edit]

Level Actions - Id
System Level
  • Create user - 1 (*)
  • View Users - 2 (*)
  • Assign actions/ action group to a user - 3 (*)
  • View system details - 4 (*)
  • Delete users - 5(*)
  • Edit user - 6(*)
  • Edit own user data - 7
  • Change own password - 40
  • Change password of others - 8 (*)
  • Create action groups - 9 (*)


Item Level
  • View own item - 10
  • Upload item - 11
  • Delete own item - 12
  • Publish item - 13
  • Withdraw item - 14
  • Delete published item - 15 (*)
  • Delete private item - 16
Collection Level
  • View own collection - 17
  • Create collection - 18
  • Share collection - 19
  • Unshare collection - 20 (**)
  • Edit collection metadata - 21
  • Delete private collection - 22
  • Publish collection - 23
  • Withdraw collection - 24
  • Delete published collection - 25 (*)
Album Level
  • View own album - 26
  • Create album - 27
  • Share album - 28
  • Unshare album - 29 (**)
  • Edit album metadata - 30
  • Delete private album - 31
  • Publish album - 32
  • Withdraw album - 33
  • Delete published album - 34 (*)
  • Add items to an album - 35
  • Remove items from an album - 36
Metadata Level
  • Create profile for collection - 37
  • Edit item metadata - 38
  • Create profile template - 39 (**)

(*) This should only be possible for a system administrator.

(**) Functionality not yet provided but planned for future.

Object CRUD Matrix[edit]

Object Create Read Update Delete
item 10 13-14 12-16
Collection 11 17 19-20-21-23 22
Album 35-36 26 28-29-30 31
Profile 38 ? 39 ?
User/Group 1 2 6 5
System 18 4

Question:

  • If a user has no right to create a collection (can not upload), can another user give him the right to upload within one collection?
  • Does it make sense not to be able to create an Album?
  • An admin role with all rights is missing?
  • What means 4?