QA results: BCMS user roles permissions
Currently we support three roles at ncbi, Sys admin
, Org Admin
and Editor
. Permissions for each one are listed in spreadsheet here
Fixes:
-
Team modal in book manager
Currently the user that creates a book is added as an editor in the book team modal (like in screenshot above). It is not necessary forAdmin
,Sys Admin
andOrg Admin
to be listed there, because however they do have full access to everything inside of a book. -
Accessing content by book url (when points 3, 4 and 5 in this issue are resolved by #1039 (closed), this should be automatically fixed) -- #1039 (closed)
Everyone within an account on ncbi, if given a correct book link, can access the book manager page and make changes to book settings, metadata and team.
-
Removing Sys Admins -- #1039 (closed) If at some point we change access for a sys admin (by removing their sys admin role). If this user has created books and has the links about those books, it can still access everything with those books and do actions there. Also this user still stays as a editor on team modal of it's created books, after being removed from the role of sysadmin.
-
Removing Org Admins -- #1039 (closed) Same issue as above. They can still access the books they created.
-
Removing Editor role -- #1039 (closed) Same issue as above. When you remove the role as editor to a user from the users org tab. They still can see books that they created. Also the user is not removed access from the book where it is added from team modal or team tab of a book component. -- **Issue confirmed with Stacy on 4 May 2022).
6.* User accepted to an Org but no role yet -- #1040 (closed)
When a user is accepted to an org they can view the list of books in the dashboard but not the content inside. However they can access and change the book menu as below:
For chapters processed books they are allowed also to view book components and submit. Action which would cause a component to get stuck on status 'new upload' in dashboard but actually it's converting.
-
Editors
There are two cases:
7.1. User assigned as Editor from the Org users tab, but no role as editor in any book or book component
This type of user should not have access inside of books. They can only view based on sheet 1Dashboard
of spreadsheet (#1211 (closed) will result in not seeing books on the dashboard if you don't have access to them). When they try to open a book by following the URL (or through the dashboard before #1211 (closed) is done), they should see the messageYou do not have sufficient permissions to access this page
.-- #1041 (closed)
7.2. Editor which is added to team only for specific book component (added from the team tab of the book component)
- #1206 (closed) This type of editor, has access to view and edit book components where it is assigned. Only applicable for chapter processed book.- To Fix 1: However it should not have access to the edit Settings, Metadata, Team and Toc of the Book. Should only have view access for these modals.
- Note: Should not be able to upload converted book components for book components where it is an editor -- (DM: only sys admin has this permission)
- To Fix 2: It should not be allowed to update all book components from bulk upload, if they are not editors of them.
- To Fix 3: Should be able to publish a book component from the Files tab.