This makes sense, Hank. Sounds like you'll need "add user" and "remove user" functionality added. Right? (I'm pretty sure that's not in there, but I'm judging from only the screenshot at the moment. Hopefully somebody will correct me if I'm wrong.) May also want/need a way to create the roles? Or does just having the ability to assign roles to existing users (what's obviously been done by Josh already) provide something valuable in itself?
Judy On Sep 28, 2011, at 12:25 PM, Hank Magnuski wrote: > One of the first questions I get asked by prospective customers for > Matterhorn is "Can you restrict viewing rights to selected users or groups?" > The question comes up ALL the time. > > Well of course you can in Matterhorn as the underlying security framework > supports Users and Roles etc. > > But how do you show that to a prospect and make it easy to try out in a pilot > installation? Configuring LDAP or CAS is not the answer. > > And limiting the demo to some rigid set of names "Student1, Student 2, ... , > is not the answer either. > > This type of page allows easy security setup for early adopters and pilot > programs without a lot of hassle. I think it's a "must-have" feature. It also > lets people easily experiment with the use of Users and Roles so they can > understand these features before they need to spec exact details for their > LDAP servers. > > I'm less concerned about admin rights for this page. Anybody is fine with me. > > Hank > > On Wed, Sep 28, 2011 at 11:59 AM, Judy Stern <[email protected]> wrote: > Two questions: > How important is it to those on this list to make the Users tab (see > screenshot below) available sooner rather than later, even if it's somewhat > unfriendly? (Seems unlikely that we'd be able to improve it much from the > proof of concept Josh has created, unless Rudiger or others have resources to > help in the next few days.) Any details you can provide about how you intend > to use this feature would be helpful. > > And, when the Users tab is available, is it okay if it is available to > anybody who can access the admin UI, or does you need it to be restricted to > just the superadmin (or some other set of restricted roles)? > > Keep in mind that (as I understand it, after talking to Adam H. who had a > conversation with Josh) we will likely be turning on the feature to assign > manage privileges (per Series) as in [1] and [2], allowing users in other > roles to have access to the admin UI; they'd be able to see only series and > recordings for which they've been granted privileges, but they'd still be > able to see all the tabs that the superadmin would see ((unless we did more > work). > > Judy > > > > [1] design: > http://opencast.jira.com/wiki/display/MH/Permission+Management+on+Series+UI+for+1.3 > > [2] actual UI at some point before we removed second column of checkboxes > http://opencast.jira.com/secure/attachment/12183/Screen+shot+2011-05-24+at+6.04.05+PM.png > > _______________________________________________ > Matterhorn-users mailing list > [email protected] > http://lists.opencastproject.org/mailman/listinfo/matterhorn-users Judy Stern Educational Technology Services, UC Berkeley [email protected]
_______________________________________________ Matterhorn-users mailing list [email protected] http://lists.opencastproject.org/mailman/listinfo/matterhorn-users
