Feature Wiki

Information about planned and released features

Tabs

Data Collection : Role-based View Limitation

1 Initial Problem

Defining a display of views per all local an global role is disproportionate in terms of its complexity and coverage.

The authors in a ILIAS Installation usually know nothing about all the global roles of a system and all local roles on actual position. And perhaps they are not even supposed to know them.

2 Conceptual Summary

"New Normal“ for Access to Views

In future, users with READ permission will always have access to a view within a table of a data collection.

In addition, it is possible to make a restriction using "Role-based View Limitation".

All local and global roles that have READ rights are listed and can be activated individually. In contrast to the previous implementation, not all global and local roles are displayed anymore.

  • Default » all users of roles with READ can call up the view
  • Activate "Role-based View Limitation" » no users of roles with READ can access the view (deafult of role selection is unchecked)
  • Set roles » all users of the selected roles with READ can access the view

What does this mean for existing data collections?

  • For all existing views of a data collection, "Role-based View Limitation" is always checked and the checked roles are set as before an update of the installation.
  • For all new views of a data collection, "Role-based View Limitation" is not activated.

Improved display of the view by role:

It is displayed at the views if a view is only visible for some of the possible roles and which roles these are.

3 User Interface Modifications

3.1 List of Affected Views

  • Changes in:
    • Data Collection » Tab 'Tables' » Select a Table » Tab 'Views' » Select a View » Tab 'View Settings'
    • Data Collection » Tab 'Tables' » Select a Table » Tab 'Views' (new property showing roles with access to the view)

3.2 User Interface Details

The forms are changed to new forms. The form structure is redesigned and a new node is added in the administration.

Data Collection in Repository

The form is now easier to understand. In general, users in all roles are also able to see single views.

Only upon making a request is it possible to restrict the set of roles that can see the single view.

3.3 New User Interface Concepts

None.

Refactoring with UI KitchenSink.

3.4 Accessibility Implications

Nothing specific

4 Technical Information

{ The maintainer has to provide necessary technical information, e.g. dependencies on other ILIAS components, necessary modifications in general services/architecture, potential security or performance issues. }

5 Privacy

Only the roles that are also applicable are available for selection. This eliminates the overall display of all global roles in the system.

6 Security

Nothing specific.

7 Contact

8 Funding

If you are interest in funding this feature, please add your name and institution to this list.

9 Discussion

Discussion at the time when the FeatureRequest was called »Abandon «View Setting» on global Role in Data Collection«.

Lowe, Simon [simon.lowe] 02 MAY 2024: From the point of view of ILIAS.nrw this setting can not be abandoned. We use it for presenting a limited view of our Data Collection to the Anonymous role. I assume, that there are some other scenarios using this setting for presenting different views to different user groups and this is not covered by RBAC.

Kunkel, Matthias [mkunkel], 06 JUN 2024: If we abandon the view setting per role we remove a powerful setting to offer user-group-sensitive access to a data collection. The current data collection for the ILIAS conference call-for-papers uses this setting. All global roles get a view where can submit proposals. But they do not see comments or the rating information (which is only available in another view that is restricted to a local role). Without the option to specify which global role gets which view we could abandon the concept of views in general. Therefore, I do not support this feature request. But I am open to improve the usability of it and make it clearer what exactly happens on this screen.

More discussion

Szmais, Ingmar [iszmais], 16 JUL 2024: I can see the need for a change here, but I'm not quite sure if this is the best approach. Initially, I would improve the behaviour here with two simple approaches. First, instead of adding a new checkbox, we should auto-check all roles on creation. A view without any role permissions is pointless and should therefore not be displayed by default. To limit the shown roles (which should definitely be done), I would also not recommend adding a new configuration. IMO the datacollection is loaded enough with configurations that are trivial for the most use cases. Further, this might not be a configuration to which a global admin has the right expertise. Instead, I would limit the list to all roles that have view rights on the datacollection itself. This binds the selection to a local content and is already defined in the most current use cases.
Conceptionally, this view restriction should be part of the style (in form of the CO Page editor, just like inside the repository) or part of single fields (since there is now possible configuration of the whole table) bit this might be too much workload to discuss here.

Lowe, Simon [simon.lowe], 17 JUL 2024: Indepent of Ingmars suggestions: From my point of view the updated FR is fine. I asked myself, if it would be smart to have a checkbox in the Administration just to activate the "Role based View Limitation" before having the Global Roles listed in order to choose them, but this is not mandatory. Question: If no Global Role is selected in the Administration, is the option then not shown for the user in the Data Collection?

Referring to Ingmar: The idea of breaking down the list of Global Roles to those, who have view rights on the DC, would also be fine for me - in our Usecases, the Role based Limitation of a View takes only place in DCs, which are visible for the most of the Global Roles, and I assume this is the same for the Usecase of Kunkel, Matthias [mkunkel], so that for our Usescases there would not be big changes. If this is the way of implementation, probably there should be an info message refering to the Permissions tab saying, that only the Global roles with view rights on the DC are listed for the Role based View Limitation.

Kunkel, Matthias [mkunkel], 17 JUL 2024: Thanks for the update of the FR. Nevertheless, some points are still controversial for me:

  1. We are currently only talking about global roles. But the 'view control' includes local roles, too. If the DC is offered inside a course or group, the roles of these containers have to be considered here, too. So the list of roles on the 'View Settings' is dependend from the permission settings of this DC (thanks for this clarification to Ingmar). _All_ roles (global and local) that have READ permission for the DC have to be listed here – all others not! IMHO there is no need to handle this in the administration. Especially, because this setting can only affect global roles.
  2. The setting for 'Role-based view limitation' (is it a limitation or a control?) has to be a setting of the data collection itself, not of each view. IMHO you have only one view if you do not activate this setting. I never had the case that I offered two views to a DC to the same group of users... And if I am not wrong, the underlying idea of this FR is to create a new normal for data collections without these role-dependant views. So it is always related to the entire object, not to parts of it.
  3. And when role-dependant views are enabled, it would be nice to see on the table of views which role is enabled for which view. At the time being, I have to add my personal description to the view settings to clarify for whom is which view (see screenshot below). A new column 'Visible for' that lists all enabled roles for this view would be great.

Samoila, Oliver [oliver.samoila], 19 JUL 2024: Thanks for all your feedback.
I'll take three points from Matthias as a reference, as I think they take up the other aspects well and do not leave out any further problems.

  • Ad #1:
    I agree that if we append the selection of roles (local and global) for views to the question about the read permission of the respective role, we a) always get a complete list of all relevant roles and b) we can save ourselves the specific solution only for global roles and the administration screen. We should do it this way. 
    My main focus is to avoid displaying information and options that don't help at this point but overwhelm the user. That's what we achieve with this.
  • Ad #2: 
    Regarding the location of the 'Role-based view limitation' setting, I do not support the idea of having this in one central place for the entire data collection. Presumably this would be the settings screen of the entire data collection. From there, the decision about views of tables is very far away. I also believe that at the moment of creating the data collection it is not foreseeable how the views will be handled. This can only be foreseen early on if you have a lot of experience in using the object. I am therefore strongly in favour of leaving the decision to the respective view. (I am also aware of cases in which different views of the same content are made available to the same groups of people - a compact view and a detailed view. In my opinion, however, this would at least remain possible in all variants anyway).
    What is primarily meant by "new normal" is that you now have an opt-out for each specific role instead of the previous opt-in for each specific role for views. Default: All roles with authorisation see the view. It is possible, however, to decide that only a subset of the roles see the view.
  • Ad #3: 
    Yes, we can do that. We need to check how this can be integrated into the new UI modifications of the views per table. The need is very understandable. To get a good label, we contact Matthias and Chris.

Thank you for the discussion. I'll adjust the request accordingly.

JourFixe, ILIAS [jourfixe], 05 AUG 2024: We highly appreciate this suggestion and schedule the feature for ILIAS 10. We accept the suggestion to have the setting for ‚Role-based view limitation‘ per view and not only for the entire data collection alone.

JourFixe, ILIAS [jourfixe], 28 OCT 2024: We highly appreciate this suggestion and re-schedule the feature for ILIAS 11.

10 Implementation

{ The maintainer has to give a description of the final implementation and add screenshots if possible. }

Test Cases

Test cases completed at {date} by {user}

  • {Test case number linked to Testrail} : {test case title}

Privacy

Information in privacy.md of component: updated on {date} by {user} | no change required

Approval

Approved at {date} by {user}.

Last edited: 28. Oct 2024, 14:19, Kunkel, Matthias [mkunkel]