Arvados

Currently, a user is considered "set up" if there is a permission link "user" -> can_read -> "All users"

This means things shared with "All users" can be seen by everyone in the "All users" group.

However, there is a problems with this:

We don't create the link going the other way: "All users" -> can_read -> user. You have to "opt in" users to be visible to "All users". This is confusing.

There is no UI enabling users to opt in (or opt out) of being visible to "All users" nor is it documented. There is also no other UI that would allow users to connect to one another (see #17814) or easily create/manage role groups for mutual visibility (#16946).

For this ticket:

Proposed solution: a configuration option that "opts in" users to the "All users" group by default when the user account is set up. Consider making this the default on new installs, because this is almost always what people actually want.

Follow up with additional tickets that make the multi-tenant case work better: a user should be able to create a group and then invite other users to the group so that they are mutually visible without being being required to be visible to the entire instance.