Hey, beautiful people.
I've been working on a per-project role-based access control system, and it's finally in place now. You may have guessed yesterday when the site was having some downtime that something was happening, and we were working out the final kinks of the system then.
Side note: Technically, this is per-repository and not per-project, but the mainline repository defines users' permissions in a project.
What this means:
Instead of just Project leader and authors, we can have multiple roles, e.g. Translators, QA, Documenters, Authors, Managers, and really anything that we can think of.
The way the system works:
There is a set of roles that we administrators define. Each role has a set of permissions attached to it.
Each repository has a set of role assignments which grant a user to one or more roles (Yes, you could be both QA and a Translator at the same time).
Each user would then have a set of permissions on a repository defined by the set of permissions of all their roles on that repository.
Here's the set of permissions:
- Abandon project
- Clone closed repository
- Commit to code repository
- Delete repository
- Manage english project translations
- Manage files
- Manage project components
- Manage project pages
- Manage project reward splits
- Manage project milestones
- Manage project images
- Manage project tickets
- Manage project ticket templates
- Manage relationships
- Manage remote sync
- Manage roles
- Merge project
- Resubmit project for approval
- View code repository
- Manage repository
- Manage project
As it stands, we only have Manager (which has all permissions) and Author (which doesn't have as many permissions).
We do want to work on adding more roles, but we need good ideas on what is wanted as far as that is concerned. So if you have some good ideas, feel free to contact us or just leave a comment here.
Currently, all managers are also authors, and any new projects will have the owner be both a manager and an author. Note that the manager can unassign himself as an author.