Community Permission Rules

From ADempiere
Jump to: navigation, search
This Wiki is read-only for reference purposes to avoid broken links.

STATUS: approved by ADempiere citizens on 3th of October

Forum: http://sourceforge.net/projects/adempiere/forums/forum/611167/topic/3865184/index/page/1

Current Situation

There are no rules or guidelines for granting or revoking permissions whether is it to sourceforge, wiki or any other service used by this project to fullfil its duty.

This document suggests according to which strategy and rules permissions should be administrated.

Concept

As there are no permissions rules today plus most of the permissions have been set back to default the question araises how to create the net of rules step by step.

  • permission management is executed by one voted entity of the community which is the Community Council.
  • Community Council Team may work out guidelines and extend the policy about permission handling
  • permission are only granted or revoked if there is a legitimation
  • legitimation can be a
    1. role: you need permission to do your job
      example: Election Officer needs access to Limesurvey
    2. rule: general pattern applies
      example: everbody is allowed to delete wikipages
  • In case role is not existing
    1. role and rule definition must be created by using entities of the community (citizens, CC, PMC)
    2. the user or users holding the role must be legimitized by an entity of the community
    3. citizen that is having a role must be documented in the citizens list
    4. rule must be documented on this wiki page
  • consequently, if somebody is not having a role anymore his rights associated with the role are revoked


At the end role definitions, citizens holding the roles and procedures for permission management should be existing.