Uploaded image for project: 'Camunda Optimize'
  1. Camunda Optimize
  2. OPT-2276

Advanced Permissions for Entities

XMLWordPrintable

    • Icon: Feature Request Feature Request
    • Resolution: Done
    • Icon: L3 - Default L3 - Default
    • 2.6.0
    • None
    • None

      In order to move away from every entity in Optimize being globally available to every authorized user (report & dashboards) a collection-based permission system will be introduced.

      In the following the term Entity covers an instance of a Report or a Dashboard.
      A Collection-based permission system means in particular that entities created by users are by default private and not visible to other users. They can however be published by adding them to collections on which users can be granted a role based permission.
      The available roles are specified in the attached screenshot.

      AT:

      • collections will have members (users and user groups) along with roles
      • A Collection can be opened as page with information/navigation to contained entities, members and roles
      • a particular entity can only belong to one or no collection
      • entities not belonging to a collection are private the the author of the entity and not visible to other users
      • a creator of a collection is automatically the manager of that collection
      • the manager role will be provided to enable multiple users with full rights per container
      • collection entities where the current user lacks engine definition authorizations are still invisible to the user (row-level security over membership)

      The following functionality will not be in the scope of this feature:

      • No nesting of collections
      • No distribution of a particular entity in multiple containers, entities can be copied to other collections though
      • No permissions on entity level

      Zeplin Links:

      UI Design (first iteration) : https://app.zeplin.io/project/5b4f294ab0d5cf0c2c391d1d/dashboard?seid=5d65202aa192a38cad235b55

      Use Cases (no UI design, just user flows) : https://app.zeplin.io/project/5b4f294ab0d5cf0c2c391d1d/dashboard?seid=5d5a67643738cb9bcd824329

        This is the controller panel for Smart Panels app

          1. roles.png
            40 kB
            Sebastian Bathke
          1.
          Add Role-Management to Collections Sub-task Done Unassigned
          2.
          Add Definition/Tenant-Management to Collections Sub-task Done Unassigned
          3.
          Revised Collection<->Entity relations Sub-task Done Unassigned
          4.
          Get Collection by id endpoint returns resolved collection Sub-task Done Unassigned
          5.
          Get collections and private entitites endpoint Sub-task Done Unassigned
          6.
          Get entites endpoint returns counts Sub-task Done Unassigned
          7.
          Create Reports & Dashboards inside a collection endpoints Sub-task Done Unassigned
          8.
          Add reportType and combined to EntityDto Sub-task Done Unassigned
          9.
          Collection role authorization Sub-task Done Unassigned
          10.
          Report/Dashboard Role Authorization Sub-task Done Unassigned
          11.
          Migrate Reports,Dashboards and Collections from 2.5 to 2.6 Sub-task Done Unassigned
          12.
          I can see the new Home page Feature Part Done Unassigned
          13.
          Add edge cases to new Homepage list loading Feature Part Done Unassigned
          14.
          I can use a context menu in the new Homepage Feature Part Done Unassigned
          15.
          The header of the new Homepage is always visible Feature Part Done Unassigned
          16.
          I can create new Collections and entities inside Collection Feature Part Done Unassigned
          17.
          New Header with Breadcrumbs Feature Part Done Unassigned
          18.
          I can copy stuff to collections Feature Part Done Unassigned
          19.
          User Management for Collections Feature Part Done Unassigned
          20.
          I can search on the Homepage Feature Part Done Unassigned
          21.
          I can use the new Homepage using only the keyboard Feature Part Done Unassigned
          22.
          Validate CollectionRole Identity exists Sub-task Done Unassigned
          23.
          Return entity data structures in resolved collection Sub-task Done Unassigned
          24.
          Report Count on combined report entity Sub-task Done Unassigned
          25.
          Report Evaluate response contains currentUserRole Sub-task Done Unassigned
          26.
          Apply row-level security on collection entities list Sub-task Done Unassigned
          27.
          Super-User setup Sub-task Done Unassigned
          28.
          Hide Edit/Delete on entities based on user permissions Sub-task Done Unassigned
          29.
          I can only add Reports to Dashboards that are in the same collection Feature Part Done Unassigned
          30.
          I can only combine reports that are in the same collection Feature Part Done Unassigned
          31.
          Allow only reports from same collection to be added to dashboards/combinedReports Sub-task Done Unassigned
          32.
          Cannot add more than one role to a collection Bug Part Done Unassigned
          33.
          Add pre-emptive error handling for user operations Feature Part Done Unassigned
          34.
          User role values should be lowercase Sub-task Done Unassigned
          35.
          On evaluation error the processDefinition does not contain the currentUserRole Bug Part Done Unassigned
          36.
          I can search on the User List of Collections Feature Part Done Unassigned
          37.
          Collection Entity Sorting by type Sub-task Done Unassigned
          38.
          Add a message to user role management conflict response Sub-task Done Unassigned
          39.
          On Combined Report copy and move subreports are not put into the correct collection Bug Part Done Unassigned
          40.
          Edit Collection from Home goes to Collection page Bug Part Done Unassigned
          41.
          On copying a dashboard only one copy of a unique contained report should be created Bug Part Done Unassigned
          42.
          Edit collection and add user modal gets confirmed with Enter key even with invalid input Bug Part Done Unassigned

              Unassigned Unassigned
              felix.mueller Felix Mueller
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: