This repository has been archived by the owner on Aug 11, 2022. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 12
Backend Resource Permissions
tristan-orourke edited this page Jun 6, 2018
·
1 revision
This document is to keep track of which user roles should have access to resources on the server.
User roles:
- Jobseeker
- Manager
- Admin
- Public (not logged-in)
- User (anyone logged-in)
- Owner (the user who created the resource)
Actions:
- get
- create
- modify
- delete
Notes:
- Admin: Unless otherwise noted, every resource and action is accessible to an Admin role.
- get - Owner (jobseeker); Manager IF viewing as part of an application
- create - None (created automatically on registration)
- modify - Owner
- delete - None (cannot be deleted)
- get - Owner (jobseeker); Manager IF viewing as part of an application
- create - Profile owner (jobseeker)
- modify - Owner (jobseeker)
- delete - Owner (jobseeker)
- get - Public
- create - None (created automatically on registration)
- modify - Owner (manager)
- delete - None
- get - Public
- create - Profile owner (manager)
- modify - Owner (manager)
- delete - Owner (manager)
- As Manager Profile
- As Manager Profile
- get - Public
- create - Work Environment owner (manager)
- modify - Owner (manager)
- delete - Owner (manager)
- get - Public IF open date has passed; Owner/Admin at all times
- create - Manager
- modify - Owner (manager)
- delete - Owner (manager) at all times?
- get - Owner (jobseeker); Manager IF they own the Job Poster AND Job Posting is closed AND Application is submitted; Admin at all times? (even while its a draft?)
- create - Jobseeker (one per Job Poster)
- modify - Owner (jobseeker) while in draft form
- delete - Owner (jobseeker)? Can jobsekers unsubmit their application? Can they unsubmit even after Job Poster close date?
- As Job Application
- As Job Application
- As Job Application