-
Notifications
You must be signed in to change notification settings - Fork 6
[FC-0099] docs: add the default roles and permissions documentation #94
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
Merged
Changes from 2 commits
Commits
File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
111 changes: 111 additions & 0 deletions
111
docs/concepts/core_roles_and_permissions/content_library_roles.rst
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,111 @@ | ||
| Core Roles and Permissions: Content Library | ||
| ############################################# | ||
|
|
||
| This document outlines the built-in roles and permissions associated with the Content Library feature in the Open edX platform. | ||
|
|
||
| - `Roles`_ | ||
| - `Permissions`_ | ||
| - `Library Permissions`_ | ||
| - `Library Content Permissions`_ | ||
| - `Library Team Permissions`_ | ||
| - `Library Collections Permissions`_ | ||
| - `Permissions Inheritance`_ | ||
| - `Roles and Permissions Summary Table`_ | ||
|
|
||
| Roles | ||
| ----- | ||
|
|
||
| A **role** is a set of permissions that defines what actions a user can perform. When you **grant a role to a user**, you assign it within a specific scope, which determines where those permissions apply. Here is the list of default roles for Libraries. | ||
|
|
||
| - The **Library Admin** has full control over the library, including managing users, modifying content, and handling publishing workflows. They ensure content is properly maintained and accessible as needed. | ||
|
|
||
| - The **Library Author** is responsible for creating, editing, and publishing content within a library. They can manage tags and collections but cannot delete libraries or manage users. | ||
|
|
||
| - The **Library Contributor** can create and edit content within a library but cannot publish it. They support the authoring process while leaving final publishing to Authors or Admins. | ||
|
|
||
| - The **Library User** can view and reuse content but cannot edit or delete anything. | ||
|
|
||
| Permissions | ||
| ----------- | ||
|
|
||
| The following permissions are associated with the content library roles: | ||
|
|
||
| Library Permissions | ||
| ======================= | ||
|
|
||
| - **View the library** (``view_library``): Allows users to view the content library. | ||
| - **Manage library tags** (``manage_library_tags``): Allows users to manage the tags associated with library items. | ||
| - **Delete the library** (``delete_library``): Allows users to delete the entire content library. | ||
|
|
||
|
|
||
| Library Content Permissions | ||
| =============================== | ||
|
|
||
| - **Edit library content** (``edit_library_content``): Allows users to edit existing content within the library. | ||
| - **Publish library content** (``publish_library_content``): Allows users to publish content to or from the library. | ||
| - **Reuse library content** (``reuse_library_content``): Allows users to reuse content from the library in other contexts. | ||
|
|
||
|
|
||
| Library Team Permissions | ||
| ============================= | ||
|
|
||
| - **View the library team** (``view_library_team``): Allows users to view the list of users or roles associated with the library. | ||
| - **Manage the library team** (``manage_library_team``): Allows users to add, remove, or change the roles of users in the library team. | ||
|
|
||
|
|
||
| Library Collections Permissions | ||
| =================================== | ||
|
|
||
| - **Create library collections** (``create_library_collection``): Allows users to create new collections within the library. | ||
| - **Edit library collections** (``edit_library_collection``): Allows users to modify existing collections within the library. | ||
| - **Delete library collections** (``delete_library_collection``): Allows users to delete collections within the library. | ||
|
|
||
| Permissions Inheritance | ||
| ======================== | ||
|
|
||
| * **Managing library tags** (``manage_library_tags``) implies **editing library content** (``edit_library_content``). | ||
| * **Deleting the library** (``delete_library``) implies **editing library content** (``edit_library_content``). | ||
| * **Publishing library content** (``publish_library_content``) implies **editing library content** (``edit_library_content``). | ||
| * **Editing library content** (``edit_library_content``) implies **viewing the library** (``view_library``). | ||
| * **Reusing library content** (``reuse_library_content``) implies **viewing the library** (``view_library``). | ||
| * **Publishing library content** (``publish_library_content``) implies **viewing the library** (``view_library``). | ||
| * **Managing the library team** (``manage_library_team``) implies **viewing the library team** (``view_library_team``). | ||
| * **Deleting a library collection** (``delete_library_collection``) implies **editing a library collection** (``edit_library_collection``). | ||
| * **Creating a library collection** (``create_library_collection``) implies **editing a library collection** (``edit_library_collection``). | ||
| * **Editing a library collection** (``edit_library_collection``) implies **viewing the library** (``view_library``). | ||
|
|
||
|
|
||
| Roles and Permissions Summary Table | ||
| ------------------------------------ | ||
|
|
||
| .. table:: Matrix of Content Library Roles and Permissions | ||
| :widths: auto | ||
|
|
||
| ============================= ================= ================ ===================== ============== | ||
| Permissions Library Admin Library Author Library Contributor Library User | ||
| ============================= ================= ================ ===================== ============== | ||
| **Library** | ||
| view_library ✅ ✅ ✅ ✅ | ||
| manage_library_tags ✅ ✅ ✅ ❌ | ||
| delete_library ✅ ❌ ❌ ❌ | ||
| **Content** | ||
| edit_library_content ✅ ✅ ✅ ❌ | ||
| publish_library_content ✅ ✅ ❌ ❌ | ||
| reuse_library_content ✅ ✅ ✅ ✅ | ||
| **Team** | ||
| view_library_team ✅ ✅ ✅ ✅ | ||
| manage_library_team ✅ ❌ ❌ ❌ | ||
| **Collections** | ||
| create_library_collection ✅ ✅ ✅ ❌ | ||
| edit_library_collection ✅ ✅ ✅ ❌ | ||
| delete_library_collection ✅ ✅ ✅ ❌ | ||
| ============================= ================= ================ ===================== ============== | ||
|
|
||
|
|
||
| **Maintenance chart** | ||
|
|
||
| +--------------+-------------------------------+----------------+--------------------------------+ | ||
| | Review Date | Working Group Reviewer | Release | Test situation | | ||
| +--------------+-------------------------------+----------------+--------------------------------+ | ||
| | 2025-10-13 | RBAC Project | Ulmo | TO DO | | ||
| +--------------+-------------------------------+----------------+--------------------------------+ | ||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,7 @@ | ||
| Core Roles and Permissions | ||
| ############################ | ||
|
|
||
| .. toctree:: | ||
| :maxdepth: 1 | ||
|
|
||
| content_library_roles |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,2 +1,7 @@ | ||
| Concepts | ||
| ######## | ||
|
|
||
| .. toctree:: | ||
| :maxdepth: 2 | ||
|
|
||
| core_roles_and_permissions/index |
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.