user roles
Derek Atkins
warlord@MIT.EDU
02 Jan 2001 16:02:24 -0500
David, a good start...
David Merrill <dmerrill@lupercalia.net> writes:
> We need to determine what level of granularity we want to provide for
> user permissions. Here is a simple set of permissions to start with.
> Tell me what I've missed:
>
> - system administration (manage entire system)
> - corporate administration (manage one set of books)
> - account administration (manage a single account)
> - account data entry (add/delete/update records in an account)
I would think that add, delete, and update might be split into three
different sets of permissions. I may give a secretary permission to
add entries, but I dont want him/her to be able to change or even
worse delete entries.
Perhaps we might want a "can perform these operations but commitment
requires the approval of someone else". I.e., they can try to update
a record, but I need to approve the change before it is committed.
> - account monitoring (read-only access)
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord@MIT.EDU PGP key available