Non-group admin can manage group views and group files

Bug #631189 reported by Dirk Meyer
This bug affects 3 people
Affects: Mahara
Status: Fix Released
Importance: Wishlist
Assigned to: Richard Mansfield

Bug Description

Maybe it's intended, but a group member who is not an admin of that group can add, delete and edit group views and files.

1.3.0rc1
MySQL
Linux

Tags: newfeature
Richard Mansfield (richard-mansfield) wrote :

I don't think there's an easy way to restrict editing of ordinary group views.

But it would be quite easy to stop the group homepage view from being edited by non-admins, and I think we should do that before the release.

Group files have view/edit permissions set individually for each file and each role in the group, which is intentional. If a group admin uploads a file to a group and doesn't want ordinary members to be able to edit it, s/he must edit the file in the group files area and set the permission explicitly.

Changed in mahara:
status: New → Confirmed
importance: Undecided → Medium
milestone: none → 1.3.0
Richard Mansfield (richard-mansfield) wrote :

Group homepage fixed, but I'll leave this open until we have per-view edit permissions on group views.

Dirk: By the way, I forgot to mention that whether or not group members can edit group views is currently determined by the group type: for groups of type 'course', only tutors and admins can edit views; for 'standard' groups, all members can edit views.

Changed in mahara:
milestone: 1.3.0 → none
Kristina Hoeppner (kris-hoeppner) wrote :

It would be great to allow members of a course group to edit group views (maybe not the group homepage) as that is a way to collaborate on views. I don't see why that should not be allowed when you can do so in standard groups. Some tutors might want to choose a course group simply to allow for the submission of views, but would still like to edit views together with all / select members of the group.

Cf. http://mahara.org/interaction/forum/topic.php?id=2360 where that could come in handy.

Mark Melia (mark-melia) wrote :

Am I correct in thinking that this problem means that anyone in a group can log in and delete files another person updates? Also, that there is an edit option on a file in groups that effectively does nothing. If it is unchecked for group edit - a member of the group can still edit the file details and delete the file.

This to me seems like it's a significant issue and should be assigned a higher importance.

Changed in mahara:
importance: Medium → Wishlist
Mahara Bot (dev-mahara) wrote : A change has been merged

Reviewed: https://reviews.mahara.org/628
Committed: http://gitorious.org/mahara/mahara/commit/5117c73336564ece6f2a38e95019c857b87fd027
Submitter: Richard Mansfield (<email address hidden>)
Branch: master

commit 5117c73336564ece6f2a38e95019c857b87fd027
Author: Richard Mansfield <email address hidden>
Date: Tue Aug 30 16:30:28 2011 +1200

    Allow per-group page editing permissions

    The roles which have edit permissions on group views is set for each
    grouptype. This changes the setting to be per-group.

    Partially addresses bug #547362, bug #631189

    Change-Id: I3f51f0ed44b7f479a094a2c5b2e2ee4807722e34
    Signed-off-by: Richard Mansfield <email address hidden>

Richard Mansfield (richard-mansfield) wrote :

Now configurable within each group by the group admin, instead of determined by group type.

Changed in mahara:
milestone: none → 1.5.0
status: Confirmed → Fix Committed
assignee: nobody → Richard Mansfield (richard-mansfield)
Mahara Bot (dev-mahara) wrote :

Reviewed: https://reviews.mahara.org/661
Committed: http://gitorious.org/mahara/mahara/commit/1e4f1c55cc032dd4dea6ed7467746edfffa4e7d5
Submitter: Richard Mansfield (<email address hidden>)
Branch: master

commit 1e4f1c55cc032dd4dea6ed7467746edfffa4e7d5
Author: Richard Mansfield <email address hidden>
Date: Mon Sep 5 14:52:56 2011 +1200

    Add group view setting to prevent editing by non-admins (bug #631189)

    Admins can set the 'locked' property on a group view, and this will
    stop non-admin members from editing the view, regardless of the view
    editing permissions given to roles within the group.

    Change-Id: I56c113a9d4e8fcab5463fa1c54bf456f7fc2364b
    Signed-off-by: Richard Mansfield <email address hidden>

tags: added: newfeature
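
The decision order this thread arrives at (group homepage restricted to admins, edit roles set per group, and a 'locked' flag that overrides those roles) can be modelled as below. This is an added example, not Mahara's code: the class, field and function names are hypothetical, and it assumes group admins can always edit.

```python
# Added illustration of the layered edit check discussed in this bug.
# Not Mahara's code; every name here is hypothetical.
from dataclasses import dataclass, field

ADMIN = "admin"

@dataclass
class Group:
    # Roles allowed to edit group views, configured per group
    # (previously fixed by group type, per the first commit).
    edit_roles: set = field(default_factory=lambda: {ADMIN})
    members: dict = field(default_factory=dict)  # user -> role

@dataclass
class GroupView:
    group: Group
    is_homepage: bool = False
    locked: bool = False  # the 'locked' property from the second commit

def edit_decision(user, view):
    """Return (allowed, reason); the reason is suitable for an audit log."""
    role = view.group.members.get(user)
    if role is None:
        return False, "not a group member"  # deny by default
    if role == ADMIN:
        return True, "group admin"  # assumption: admins always edit
    if view.is_homepage:
        return False, "group homepage is admin-only"
    if view.locked:
        # The lock wins regardless of the role permissions below.
        return False, "view locked by admin"
    if role in view.group.edit_roles:
        return True, "role has edit permission in this group"
    return False, "role lacks edit permission in this group"

def can_edit_view(user, view):
    return edit_decision(user, view)[0]

def sample_group():
    # Constructed sample data: members may edit, tutors may not.
    return Group(edit_roles={ADMIN, "member"},
                 members={"alice": ADMIN, "bob": "member", "carol": "tutor"})

if __name__ == "__main__":
    g = sample_group()
    for user in ("alice", "bob", "carol", "mallory"):
        print(user, edit_decision(user, GroupView(g, locked=True)))
```
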
Melissa Draper (melissa) wrote :


status fixreleased

Melissa Draper (melissa) wrote :


 status fixreleased

Changed in mahara:
status: Fix Committed → Fix Released