Use cases
- How do I make my XWiki hidden/private? (only registered users can view/edit)
- How do I make my XWiki locked? (admins only can create a new account)
- Many mistakes are made when managing rights because:
- the meaning of the different fields is not clear
- which text to enter in the fields is not clear
- the cascading of the rights between xwiki, space and document is not clear
- We need the following improvements:
- Easier access to user and groups. Select or add any user or groups. Add to groups on the fly.
- Easier understanding of view/edit/comment/admin rights
- Visual understanding of rights inheritance (rights from the upper level replace or not at the current level)
- view all the rights on the wiki (global rights + space specific rights + pages specific rights)
Components
- Visibility
- Local
- Global
- Level
- Page ( http://www.xwiki.org/xwiki/bin/view/XWiki/XWikiRights )
- Space
- Wiki
- Status
- Default(represent it)
- Allow
- Deny
- Assignee
- User
- Unregistered
- Registered
- Group
- User
- Actions
- View existing rights: default, allowed/denied given rights
- Add specific rules
- Remove the specific added rules
- Display in:
- Rights Administration for Wiki Level
- Rights Administration for Space Level
- Rights Administration for Page Level -> Edit - Rights
- User Profile
Considerations
- Describe more explicit the rights meaning (they apply to pages/objects/etc?)
- Remind the user what each right signifies
- Use Details overlays (tooltips) to do that
- Rights visualization
- Show Default rights
- Show Inherited rights
The "Edit" right should automatically inherit the "View" right XWIKI-4491 Make inherited rights visible in the Rights Management UI XWIKI-2636 + XWIKI-3835 - Specify that we have rights for document creators:
"creator" special value for rights management XWIKI-1769 - They should not go from one view to another, but they should be able to see the inheritance they got from upper levels:
- If users only have the space admin right then they are only directed to the space admin.
- They cannot switch space from this admin.
- Global admin are directed to the usual interface which gives access to the global and space admins.
- An administrator should be able to disable per page access rights.
- If users only have the space admin right then they are only directed to the space admin.
- They should not go from one view to another, but they should be able to see the inheritance they got from upper levels:
- Users and groups can be either managed in the global wiki (xwiki: prefix) or in the local wiki, or in both
- We need a visual way to distinguish the global and local groups (hidding the xwiki: prefix)
Configurable Access Rights granularity XWIKI-2183
- We need a visual way to distinguish the global and local groups (hidding the xwiki: prefix)
- Apply button for Rights management
- It would be better if we have a "Apply" and "Cancel" buttons so we can do the changes but only commit when we click on the apply/submit button
Users & Groups | |
---|---|
Allow checking what groups a user belongs to using the Rights Management UI | XWIKI-2449 |
See to which groups a user belongs to | XWIKI-1901 |
Filtering | |
Ability to filter users/groups by granted rights in the new Rights Management UI | XWIKI-2410 |
Disabling elements | |
Disable actions that you don't have the right for it | |
Hide "Export as XAR" from Menu if you don't have Admin rights | XE-498 |