Groups Projects Ownership and Permissions Specification » History » Revision 2
Revision 1 (Peter Amstutz, 08/06/2014 09:34 PM) → Revision 2/28 (Peter Amstutz, 08/06/2014 09:36 PM)
h1. Groups, Projects, Ownership and Permissions Specification * There are three levels of permission, *can_read*, *can_write*, "can_read", "can_write", and *can_manage*. "can_manage". ** *can_read* "can_read" grants read-only access to the record ** *can_write* "can_write" permits changes to content (but not metadata) fields of the record. *can_write* "can_write" also implies *can_read* "can_read" ** *can_manage* "can_manage" permits the user to create permission links with @head_uuid@ set to this object. *can_manage* "can_manage" also implies *can_write* "can_write" and *can_read* "can_read" * All Arvados objects have an @owner_uuid@ field. Valid uuid types for @owner_uuid@ are "User" or "Group". * If the @owner_uuid@ of an object is a User, that User has *can_manage* can_manage" permission on that object. * If @owner_uuid@ of an object is a Group, then that object is a member of that group. * A "Project" is a subtype of Group that indicates the group should be displayed in the "Projects" section of Workbench.