| Category: | Feature request |
Priority: | Normal |
Status: | New |
| Project: | Severity: | Minor |
Resolution: | Open |
|
| Component: | Reproducibility: | Always |
Assigned to: |
There is confusion between roles and groups in JasperServer.
For me :
- a role is a set of permissions and not a set of users.
- a set of users is a group.
- one or more roles can be assigned to a user or a group of users.
The roles are in fact listed in the "Assign permissions form" :
- Administer (Administrator)
- Read Only (Reader)
- Read + Delete (a strange use case !)
- Read + Write + Delete (Contributor).
A Read+Write (Editor) role should be available too.
So, the actual implementation is not clear for end users.
I suggest to rename the strings concerning roles to their equivalent for groups.
There are some tests in JSP to check the user's role ( ROLE_ADMINISTRATOR, ROLE_ANONYMOUS and ROLE_USER).
It should be more flexible to check on permissions, not on roles.
