More granular permission system
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
IVLE |
Fix Released
|
High
|
William Grant |
Bug Description
At present our permission system is centered around giving users a specific
'role' which may be 'anyone', 'student', 'marker', 'tutor', 'lecturer' and
'admin'. While this works reasonably well for single subjects it can cause
problems when multiple subjects exist.
For example: Consider a student enrolled in a 3rd year subject but also
tutoring a 1st subject. As a tutor for the 1st year subject this means they
would also have to be a tutor for the subject they are enrolled in which
could be a very bad thing especially if tutors have the ability to
view/assign marks of students and manage project groups. Roles should
really be assigned per offering or redesigned into a more flexible
framework.
In new-dispatch.