dsp-api icon indicating copy to clipboard operation
dsp-api copied to clipboard

Published 20 hours ago verified publisher icon dasch-swiss

In the context of permissions think in Roles instead of UserGroups

Open subotic opened this issue 6 years ago • 0 comments

The current behavior should not change.

  • knora-base:User can be part of a knora-base:UserGroup
  • knora-admin:Role represents a role giving the holder certain permissions (knora-admin:Permission), which need to be defined separately
  • knora-admin:Role can be attached to knora-base:User and knora-base:UserGroup

The user's final permission is the sum of all roles and the permissions attached to each role.

The permission string knora-base:hasPermissions "M knora-base:ProjectMember" on a resource would thus have the meaning: award the permission M to the ProjectMember role.

Related issues:

  • #679

subotic avatar Dec 05 '18 15:12 subotic