Open
Description
There are a couple of special roles in Opencast:
- ROLE_ADMIN is the global administrator and can do anything. This role is typically not stored explicitly in ACLs (talking about Opencast here), so some extra logic has to be added to the authorization check.
- Organizational administrators can be used. That's one role per organization and can do anything in that organization. This is rarely used.
- ROLE_USER is a role that every logged-in user (typically) has. It is stored explicitly in ACLs.
- ROLE_ANONYMOUS is a role that every "viewer" has, whether logged in or not. This is stored explicitly in ACLs.
The current state in Tobira is:
- User roles
  - Every possible viewer has ROLE_ANONYMOUS. Tobira has this extra logic.
  - All other roles, including ROLE_ADMIN, ROLE_USER and organizational admin roles, are expected to be provided by the auth provider/proxy.
- "Moderator" authorization
  - A special moderator role is configurable. Every user with that role or the static ROLE_ADMIN is treated as Tobira moderator.
- Event ACLs
  - Contain the organizational admin role (which is ROLE_ADMIN by default) and the typical configured roles.
  - Authorization check for events is done by simply checking for overlap in user roles and event ACLs.
What we probably want to change still:
- Allow users with global admin role to access any event
- Make one organizational admin role configurable (one Tobira should only work for one organization). That role should then be considered in all kinds of authorizations.
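To make the difference between the current overlap check and the proposed change concrete, here is an added Rust example (not Tobira's own code; the `AuthConfig` struct, its field names and the sample role strings are constructed for illustration). It models the implicit ROLE_ANONYMOUS, the moderator rule (configured role or static ROLE_ADMIN), the plain ACL-overlap check as it is today, and a proposed check in which the global admin role and one configurable organizational admin role bypass the event ACL:

```rust
use std::collections::HashSet;

/// Role every viewer gets implicitly; this matches the Opencast role name.
pub const ROLE_ANONYMOUS: &str = "ROLE_ANONYMOUS";

/// Constructed configuration for this example. Tobira's real config layout differs;
/// the point is that the org admin role is configurable rather than hard-coded.
pub struct AuthConfig {
    pub global_admin_role: String, // ROLE_ADMIN in Opencast
    pub org_admin_role: String,    // proposed: one configurable role per Tobira instance
    pub moderator_role: String,    // the already configurable Tobira moderator role
}

/// Effective roles of a request: whatever the auth proxy provided, plus ROLE_ANONYMOUS,
/// which is added by Tobira itself rather than stored in the proxy headers.
pub fn effective_roles(provided: &[&str]) -> HashSet<String> {
    let mut roles: HashSet<String> = provided.iter().map(|r| r.to_string()).collect();
    roles.insert(ROLE_ANONYMOUS.to_string());
    roles
}

/// Current moderator rule: configured moderator role or the static ROLE_ADMIN.
pub fn is_moderator(cfg: &AuthConfig, user_roles: &HashSet<String>) -> bool {
    user_roles.contains(&cfg.global_admin_role) || user_roles.contains(&cfg.moderator_role)
}

/// Current event check: plain overlap between user roles and the event's read ACL.
/// A global admin whose role is absent from the ACL is denied here.
pub fn overlap_allows(user_roles: &HashSet<String>, read_acl: &[&str]) -> bool {
    read_acl.iter().any(|role| user_roles.contains(*role))
}

/// Proposed event check: global admin and the configured org admin role always pass;
/// everyone else still needs an overlap with the ACL.
pub fn can_read_event(cfg: &AuthConfig, user_roles: &HashSet<String>, read_acl: &[&str]) -> bool {
    if user_roles.contains(&cfg.global_admin_role) || user_roles.contains(&cfg.org_admin_role) {
        return true;
    }
    overlap_allows(user_roles, read_acl)
}

fn main() {
    // Constructed sample: an event readable only by logged-in users.
    let cfg = AuthConfig {
        global_admin_role: "ROLE_ADMIN".to_string(),
        org_admin_role: "ROLE_EXAMPLE_ORG_ADMIN".to_string(),
        moderator_role: "ROLE_EXAMPLE_MODERATOR".to_string(),
    };
    let read_acl = ["ROLE_USER"];
    let admin = effective_roles(&["ROLE_ADMIN"]);
    println!("admin, overlap only: {}", overlap_allows(&admin, &read_acl));
    println!("admin, proposed check: {}", can_read_event(&cfg, &admin, &read_acl));
}
```

The two booleans printed for the admin differ: the overlap-only check denies a global admin unless ROLE_ADMIN happens to appear in the ACL, which is exactly the gap the first item under "what we want to change" describes.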