mconf-web
mconf-web copied to clipboard
mconf
Extend the permission control in webconference rooms
Author Name: Leonardo Daronco (Leonardo Daronco) Original Redmine Issue: 963, http://dev.mconf.org/redmine/issues/963
Currently the permissions of a user on a space or a webconference room are pre-defined in the code and cannot be changed by the user via interface. For instance, users that are members of a space can create the rooms and users that are not members can't. This can't be changed unless you change the code.
The idea is to enable users to control these permissions via interface, but without losing the defaults we already have set. A lot of things could be configured, but initially what we need is the permission to record meetings in a room.
One idea of how to implement this is:
- Add a new model that will contain the new flags (can record?), and will be associated with a user and a "target" (a webconference room initially, but could be any other model)
- If the user has no entry in this table for a given room, his permissions in that room will be the default permissions (the same as we have today, that could also be stored in this new model)
- The interface should allow users to add new associations between users and rooms and set the flags for this user in the target room.
- The interface can be similar to what is done in Google Drive when sharing a document with other people. You show to the user the default permissions in a "table" and let him add new columns to the table, one for each user that needs specific permissions. Then he can set/unset the flags for these specific users.
Other options that we might wish to configure in the future besides "can record?" are:
- can create the room?
- can end the room?
- what's the user role in the room?
Original Redmine Comment Author Name: Leonardo Daronco (Leonardo Daronco) Original Date: 2013-10-07T19:43:13Z
Initially all we need is a flag per user that marks if the user can record or not. This permission should be used for all rooms. To edit it, we should add a checkbox in users/edit, the same way we already have a checkbox to set/unset the user as superuser. Only admins should be allowed to edit it.
Original Redmine Comment Author Name: Leonardo Daronco (Leonardo Daronco) Original Date: 2013-10-17T01:15:18Z
There's a @:record_meeting@ ability "already being used":https://github.com/mconf/mconf-web/blob/65ad184783c46cbbc9a8dcc680baac9432f2de5d/app/controllers/application_controller.rb#L132 but not yet added to the model Abilities. It should be added there to allow the users that have the record flag checked to record meetings.
There isn't much to change in the views, since after #986 the setting of the flag @record@ when creating a meeting is more automatic. The views are also already checking the ability @:can_record@. But they should be checked anyways to make sure they're ok.
The "tests for abilities in BigbluebuttonRoom":https://github.com/mconf/mconf-web/blob/65ad184783c46cbbc9a8dcc680baac9432f2de5d/spec/models/bigbluebutton_room_spec.rb#L13 should also be improved to test that the users with the record flag set can also record.
Original Redmine Comment Author Name: Leonardo Daronco (Leonardo Daronco) Original Date: 2013-11-06T16:54:57Z
The first version is done, with a flag to set if a user can record or not. The user can record meetings only in his room and in rooms of spaces he belongs to, but only if he has the flag set. Only global admins can set the record flag of a user.
Leaving the ticket open because it has more than just the record flag. It should be reviewed again in the future.
