In MyAEGEE, the permissions system is used. Main concepts:
- each permission has the scope. It can be on of three: global (applies to every body), local (applies only to the body you've got this permission from) and join_request.
- each permission has the action (which defines the action that can be done) and the object (what object this action can be done on)
- permissions can be attached to circles, if the person is a member of the circle, he has this permission
- if a circle is attached to a body, and the permission's scope is local, a user only can do action on this body, not on the others
- circles can be inherited, e.g. if there's a circle, and it has a parent circle, then it inherits all its permissions
List of the permissions in the system
oms-core-elixir
Nico can you fill it in?
oms-statutory
Action is always one of the event types (agora/epm/spm).
Permission name (scope:action:object | Description |
---|---|
global:manage_event:<event_type> | Create statutory events, edit them, manage pax limits for the event (e.g. how many envoys/delegates/etc. from each body can apply), publish/unpublish events, delete events. |
global:manage_applications:<event_type> | See all applications, mark them as accepted/rejected, confirmed/not confirmed, attended/not attended, registered/not registered, departed/not departed, see all of the listings, apply disregarding the deadline. |
global:apply:<event_type> | Apply to the statutory event disregarding its deadline. |
global:use_massmailer:<event_type> | Use massmailer for this type of statutory event. |
global:manage_incoming:<event_type> | See incoming listing of the applications with required fields, set confirmed/not confirmed and attended/not attended for the applications. |
global:manage_juridical:<event_type> | See JC listing, set registered/not registered, departed/not departed for applications (for calculating votes) |
global:update_memberslist_status:agora | See Network Director listing, mark people as present/not present on members list. |
global:approve_members:<event_type> | See all boardviews and set board comments/pax types for participants. |
local:approve_members:<event_type> | Same as above, but only for the body the user have got this permission from. |
global:set_memberslists_fee_paid:agora | Set how much fee the local paid for the member for the Agora. Useful for Financial Director. |
global:manage_candidates:agora | See all candidates (even rejected/pending), accept/reject candidates |
global:manage_plenaries:agora | Create, see, update and delete all plenaries for Agora. |
global:see_plenaries:agora | See all plenaries for Agora |
global:mark_attendance:agora | Mark people as attended/left for plenary. Should be combined with the permission above. Needed for people with badge scanners. |
oms-events
Action is always one of the event types (nwm/rtc/es/local/other/wu/ltc).
Organizers of the event can add other organizers, edit event once it's not published, delete event once it's not published, see all of the applications and accept/reject participants.
Permission name (scope:action:object | Description |
---|---|
global:approve_event:<event_type> | Publish events of this type. |
global:manage_event:<event_type> | Edit and event even after it's published |
local:approve_members:events | See boardview for all events for the body you've got this permissions from and all applications from it, write board comments. |
oms-discounts
Permission name (scope:action:object | Description |
---|---|
global:manage:discounts | Create, edit and delete integrations, add codes to the integrations, create/edit/delete categories (the ones on /discounts). |