Discussion of permissions capabilities and additional topics
Reviewed the recommendation docs related to permissions; notes two related projects: permissions within application and external authentication such as CAS and LDAP
Jason would like there to be a survey of what external authentication systems people use/want to use and also a survey about whether people are serving ArchivesSpace through https.
Administration matrices could potentially be adapted to what Drupal uses - relatively easy for a lay person to understand
Thinks the text in the doc is clear but screenshots and examples a little muddy
Will aim to get additional feedback in by the deadline next week
Jason will walk through a sample Drupal installation/admin panel with Lydia
Is there a way to add an arbitrary permission group? Yes, Devon clarifies that screenshot doesn't show everything or encompass all features available
What about field level permissions? Devon says didn't find that people wanted/needed that - at the resource level was as granular as was expected to be needed. But could be interesting to have that level of control. Some possible uses cases: sensitive fields, cataloger-only fields
General sense that the spec aimed toward greater customization of permissions
Tying layouts into what users have permission to edit - would simplify data entry
Jason will work on a document with his ideas
Is there a need to have API only permissions - possibility to add that as a permission level to provide additional security/prevent accidental deletions via the API
Discussion of Brainstorming and commentary within the Recommendations: can anything be added to our recommendations?
Lots of great ideas in these. Lydia will follow up with groups about ones that seem to pertain to their areas.
Could be a helpful basis for a future working group
Continuing the SIEWG work beyond the delivery of the final recommendations
Christine explained some of the aspects of involvement beyond the delivery of the final recs. Will need people for further clarification on specs, possibly testing on delivered features. Time committment is not clear right now, but likely will continue throughout 2018, with less intense and more intense periods of activity. At a minimum, opting in means staying on the project listserv. Lydia has created an opt-in survey to indicate interest: https://goo.gl/forms/kJsREtnsu28yslBi1
Final steps before delivery of final recs
Focus on proofreading, streamlining. Everyone should try to look at two other groups' work.
By the 19th, finalize our recommendations.
Team proof-reading assignments:
Visual Layout: Data Entry and User Accounts (including Permissions matrix)
Organization of Menus: User Accounts (including Permissions matrix) and Customization
Navigation: Customization and Shortcut keys (Time-saving)
Data Entry: Shortcut keys (Time-saving) and Top Containers
User Accounts: Top Containers and Background Jobs
Customization: Background Jobs and Agents/Subjects