[
https://issues.apache.org/jira/browse/AIRAVATA-2591?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16257043#comment-16257043
]
Marcus Christie commented on AIRAVATA-2591:
-------------------------------------------
[~Sachin Kariyattin], [~smarru], [~tilaks26],
I didn't think we were going to add to the Sharing registry's models and
instead were going to model group roles using the existing models. We could
create a new EntityType for group member roles as well as a set of permissions
and apply them to UserGroups. It was my understanding that this is what
[~scnakandala] suggested.
Sachin's question about these methods not knowing which user is calling them
makes me think that the authorization should be in the API server, not at in
the Sharing registry, which doesn't do any authorization at this point and I'm
not sure we want to introduce that.
> Add group roles capabilities to Groups
> ---------------------------------------
>
> Key: AIRAVATA-2591
> URL: https://issues.apache.org/jira/browse/AIRAVATA-2591
> Project: Airavata
> Issue Type: New Feature
> Reporter: Suresh Marru
> Assignee: Sachin Kariyattin
>
> Currently, the group members do not have fine-grained roles so only the owner
> can add users to this group.
> It will be better to add group-member-roles:
> * The owner who creates the group initially. This ownership should be
> transferable to a different user. Only owners should be allowed to delete the
> groups.
> * admin - a user role which will allow to add more users or remove users from
> the group.
> * user - all users added to the group are by default in this role.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
