Discussion of permissions capabilities and additional topics
Jason Loeffler
Reviewed the recommendation docs related to permissions; notes two related projects: permissions within application and external authentication such as CAS and LDAP
Jason would like there to be a survey of what external authentication systems people use/want to use and also a survey about whether people are serving ArchivesSpace through https.
Administration matrices could potentially be adapted to what Drupal uses - relatively easy for a lay person to understand
Thinks the text in the doc is clear but screenshots and examples a little muddy
Will aim to get additional feedback in by the deadline next week
Jason will walk through a sample Drupal installation/admin panel with Lydia
Qs:
Is there a way to add an arbitrary permission group? Yes, Devon clarifies that screenshot doesn't show everything or encompass all features available
What about field level permissions? Devon says didn't find that people wanted/needed that - at the resource level was as granular as was expected to be needed. But could be interesting to have that level of control. Some possible uses cases: sensitive fields, cataloger-only fields
General sense that the spec aimed toward greater customization of permissions
Tying layouts into what users have permission to edit - would simplify data entry
Jason will work on a document with his ideas
Is there a need to have API only permissions - possibility to add that as a permission level to provide additional security/prevent accidental deletions via the API
Discussion of Brainstorming and commentary within the Recommendations: can anything be added to our recommendations?