Project

General

Profile

Actions

Feature #16571

open

Permission system supports seeing & sharing with a group without having access to group contents.

Added by Peter Amstutz over 4 years ago. Updated 7 months ago.

Status:
New
Priority:
Normal
Assigned To:
-
Category:
-
Target version:
Story points:
-
Release:
Release relationship:
Auto

Description

Customer has curators who are not admins who need to share data they manage with other groups. They need to be able to see those groups to select them without being able to see the other group's contents.

It already works this way for Users (you can see a user without gaining access to the things the user owns) but there isn't a way to achieve this behavior for groups

Some ideas:

  • Workaround: create a fake user, grant can_manage, people share with the fake user
  • New group_class that has the desired behavior
  • "view" permission with new semantics (can view group record but follow any of its links)
  • permission links specify separate permission levels for record and traversal: can read/write/manage record, can gain read/write/manage by traversing record
  • "can_use_permissions" and "can_list_members" with new semantics #15372

Related issues

Related to Arvados - Idea #15372: Revise group permissions to separate them from permissions on managed objectsNewActions
Related to Arvados Epics - Idea #16445: Expand permission systemNewActions
Actions #1

Updated by Peter Amstutz over 4 years ago

  • Description updated (diff)
Actions #2

Updated by Peter Amstutz over 4 years ago

  • Description updated (diff)
Actions #3

Updated by Peter Amstutz over 4 years ago

  • Related to Idea #15372: Revise group permissions to separate them from permissions on managed objects added
Actions #4

Updated by Peter Amstutz over 4 years ago

  • Related to Idea #16445: Expand permission system added
Actions #5

Updated by Tom Clegg over 4 years ago

I think [a subset of] #15372#note-19 would address this. "can_use_permissions" would function the way "can_manage" does now, and "can_read" would do what this customer is looking for, i.e., just read the target group.

We could also add "can_use_read_permissions" (to accomplish what A can_read> B can_write> C does now) but I'm not sure whether it's an important case.

permission links specify separate permission levels for record and traversal

#15372 has stuff like "can_use_permissions + can_list_members" (implying can_read but not can_manage) but doesn't say whether that should happen in a single permission link, or multiple links.

Encoding permissions as arbitrary bitmaps instead of predefined constants might make the implementation more efficient, and would enable people to use weird combinations that we haven't named, like "can use target's permissions, but can't see the target itself".

Actions #6

Updated by Peter Amstutz over 1 year ago

  • Release set to 60
Actions #7

Updated by Peter Amstutz 7 months ago

  • Target version set to Future
Actions

Also available in: Atom PDF