Page MenuHomePhabricator

Improve divide between staff and superuser
Closed, DeclinedPublic

Description

Currently most (if not all) staff simply have full access to the admin interface.

We should really split staff out into a group with more restricted controls over the platform, providing a better interface to, for example, set users as coordinators, and restricting access to areas of the admin interface that aren't required.

Staff need to be able to:

  • Add and edit partners, including assigning coordinators
  • Add and edit collections
  • Add and edit tags
  • Add and edit contact people
  • Add and edit send instructions
  • Add or remove users to the coordinator user group

This task would also include making sure that all is_staff and is_superuser checks throughout the code are using the right permission.

Related Objects

Event Timeline

Samwalton9 triaged this task as Medium priority.Jun 5 2018, 12:28 PM
Samwalton9 moved this task from Incoming tasks to Open tasks on the Library-Card-Platform board.
Vvjjkkii renamed this task from Improve divide between staff and superuser to osdaaaaaaa.Jul 1 2018, 1:12 AM
Vvjjkkii raised the priority of this task from Medium to High.
Vvjjkkii updated the task description. (Show Details)
Vvjjkkii removed a subscriber: Aklapper.
Nikkimaria renamed this task from osdaaaaaaa to Improve divide between staff and superuser.Jul 1 2018, 1:25 PM
Nikkimaria lowered the priority of this task from High to Medium.
Nikkimaria updated the task description. (Show Details)
CommunityTechBot renamed this task from Improve divide between staff and superuser to Improve divide between staff and superuser.Jul 5 2018, 6:35 PM
CommunityTechBot updated the task description. (Show Details)

Not sure whether this would be best achieved by limiting access to portions of the admin interface, or by creating a new staff dashboard for editing this information.

Looks like https://github.com/tiliv/django-field-permissions might be the solution if we're going to still use the admin interface. It don't think it can hide information that staff don't need, but it can restrict them to only editing certain things (i.e. user perms, but not their email).

This comment was removed by Samwalton9.
Nikkimaria added a subscriber: Nikkimaria.

Flagging that this will need a bit more discussion around implications