Idea #3171
Updated by Tom Clegg over 9 years ago
Currently, we have
|Permission links|Behavior|
|No permission path from @userA@ to @userB@|@userA@ can see selected attributes of @userB@ via users#index (as needed by the Sharing tab).|
|@{userA} can_read {groupG} can_read {userB}@|@userA@ can read anything @userB@ can read.|
This should change to
|Permission links|Behavior|
|No permission path from @userA@ to @userB@|@userA@ cannot see that @userB@ exists.
@userB@'s uuid might appear in objects, but
@GET /users/userB@ will yield 404
@GET /users@ will not mention @userB@)|
|@{userA} can_read {groupG} can_read {userB}@|@userA@ can see selected attributes of @userB@ via @users#index@ (as needed by the Sharing tab).|
|@{userA} can_read {groupG} can_manage {userB}@|@userA@ can read anything @userB@ can read.|
Implementation
* When generating the permissions graph in user.rb, follow only the permission links whose head_uuid is a group uuid _or_ whose permission @name@ is @"can_manage"@.
* The test cases involving "rominiadmin" might still work unmodified: the @testusergroup_can_manage_active_user@ link has @can_manage@ permission.
* Add test cases to demonstrate the new behavior, perhaps
** new link: testusergroup can_read spectator
** test: miniadmin user cannot read the owned_by_spectator specimen
** test: miniadmin user can get the spectator user record via index and get
** test: active user cannot get the spectator user record