Feature #16817

Configuration option to grant users read access to "All users" group by default

Added by Peter Amstutz over 1 year ago. Updated 2 months ago.

Status:
Resolved
Priority:
Normal
Assigned To:
Tom Clegg
Category:
API
Target version:
2021-11-24 sprint
Start date:
10/29/2021
Due date:
% Done:

100%

Estimated time:
(Total: 0.00 h)
Story points:
-
Release:
Arvados 2.3.1
Release relationship:
Auto

Description

Currently, a user is considered "set up" if there is a permission link "user" -> can_read -> "All users"

This means things shared with "All users" can be seen by everyone in the "All users" group.

However, there is a problems with this:

We don't create the link going the other way: "All users" -> can_read -> user. You have to "opt in" users to be visible to "All users". This is confusing.

There is no UI enabling users to opt in (or opt out) of being visible to "All users" nor is it documented. There is also no other UI that would allow users to connect to one another (see #17814) or easily create/manage role groups for mutual visibility (#16946).

For this ticket:

Proposed solution: a configuration option that "opts in" users to the "All users" group by default when the user account is set up. Consider making this the default on new installs, because this is almost always what people actually want.

Follow up with additional tickets that make the multi-tenant case work better: a user should be able to create a group and then invite other users to the group so that they are mutually visible without being being required to be visible to the entire instance.

Subtasks

Task #18302: Review 16817-users-visible-upon-activationResolvedPeter Amstutz

Related issues

Related to Arvados - Feature #17814: Send "invite" or "friend request" to connect with other usersNew

Related to Arvados Epics - Story #16946: WB2 user/group management featuresIn Progress08/01/202112/31/2021

Related to Arvados - Bug #18265: WB2 version show modified by as UUIDClosed

Associated revisions

Revision 615722f1
Added by Tom Clegg 2 months ago

Merge branch '16817-users-visible-upon-activation'

closes #16817

Arvados-DCO-1.1-Signed-off-by: Tom Clegg <>

History

#1 Updated by Peter Amstutz over 1 year ago

  • Target version changed from 2020-10-07 Sprint to 2020-10-21 Sprint

#2 Updated by Peter Amstutz over 1 year ago

  • Target version changed from 2020-10-21 Sprint to 2020-11-04 Sprint

#3 Updated by Peter Amstutz over 1 year ago

  • Target version changed from 2020-11-04 Sprint to 2020-11-18

#4 Updated by Peter Amstutz about 1 year ago

  • Target version changed from 2020-11-18 to 2020-12-02 Sprint

#5 Updated by Peter Amstutz about 1 year ago

  • Target version changed from 2020-12-02 Sprint to 2020-12-16 Sprint

#6 Updated by Peter Amstutz about 1 year ago

  • Category set to API

#7 Updated by Peter Amstutz about 1 year ago

  • Target version changed from 2020-12-16 Sprint to 2021-01-06 Sprint

#8 Updated by Peter Amstutz about 1 year ago

  • Target version changed from 2021-01-06 Sprint to 2021-01-20 Sprint

#9 Updated by Peter Amstutz about 1 year ago

  • Target version changed from 2021-01-20 Sprint to 2021-02-03 Sprint

#10 Updated by Peter Amstutz about 1 year ago

  • Target version deleted (2021-02-03 Sprint)

#11 Updated by Peter Amstutz 6 months ago

  • Subject changed from Configuration option to grant users read or write access to "All users" group by default to Configuration option to grant users read access to "All users" group by default

#12 Updated by Peter Amstutz 6 months ago

  • Target version set to 2021-09-01 sprint

#13 Updated by Peter Amstutz 6 months ago

  • Related to Feature #17814: Send "invite" or "friend request" to connect with other users added

#15 Updated by Peter Amstutz 6 months ago

  • Related to Story #16946: WB2 user/group management features added

#16 Updated by Peter Amstutz 6 months ago

  • Description updated (diff)

#17 Updated by Peter Amstutz 6 months ago

  • Target version changed from 2021-09-01 sprint to 2021-09-15 sprint

#18 Updated by Peter Amstutz 5 months ago

  • Target version changed from 2021-09-15 sprint to 2021-09-29 sprint

#19 Updated by Peter Amstutz 4 months ago

  • Target version changed from 2021-09-29 sprint to 2021-10-13 sprint

#20 Updated by Peter Amstutz 4 months ago

  • Target version changed from 2021-10-13 sprint to 2021-10-27 sprint

#21 Updated by Peter Amstutz 3 months ago

  • Target version changed from 2021-10-27 sprint to 2021-11-10 sprint

#22 Updated by Peter Amstutz 3 months ago

  • Related to Bug #18265: WB2 version show modified by as UUID added

#23 Updated by Peter Amstutz 3 months ago

  • Target version changed from 2021-11-10 sprint to 2021-11-24 sprint

#24 Updated by Peter Amstutz 3 months ago

  • Target version changed from 2021-11-24 sprint to 2021-11-10 sprint

#25 Updated by Peter Amstutz 3 months ago

  • Assigned To set to Tom Clegg

#26 Updated by Tom Clegg 3 months ago

  • Status changed from New to In Progress

#27 Updated by Tom Clegg 3 months ago

16817-users-visible-upon-activation @ df10273df0d8b78257d0bfb9ef0865e433977c1e -- https://ci.arvados.org/view/Developer/job/developer-run-tests/2756/

nb this is based on a main version that appears to be failing tests, https://ci.arvados.org/job/run-tests/5001/

#28 Updated by Ward Vandewege 3 months ago

Tom Clegg wrote:

16817-users-visible-upon-activation @ df10273df0d8b78257d0bfb9ef0865e433977c1e -- https://ci.arvados.org/view/Developer/job/developer-run-tests/2756/

nb this is based on a main version that appears to be failing tests, https://ci.arvados.org/job/run-tests/5001/

The tests in main have been unbroken, sorry about that! Cf. https://ci.arvados.org/job/run-tests/5003/

#30 Updated by Peter Amstutz 3 months ago

  • Release set to 45

#31 Updated by Tom Clegg 2 months ago

  • Target version changed from 2021-11-10 sprint to 2021-11-24 sprint

#32 Updated by Peter Amstutz 2 months ago

Sorry about the delay.

This LGTM.

#33 Updated by Tom Clegg 2 months ago

  • Status changed from In Progress to Resolved

Also available in: Atom PDF