Skip to content

Add user roles to individual protocols #280

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Apr 23, 2025
Merged

Add user roles to individual protocols #280

merged 1 commit into from
Apr 23, 2025

Conversation

@arhowe00
Copy link
Contributor

@arhowe00 arhowe00 commented Apr 16, 2025
edited
Loading

Closes #239

Adds a field to the protocol class that holds a list of roles, so that individual protocols can be designated for use by specific groups.

  • TODO: Once this is done, we can open an issue on SlicerOpenLIFU to work on enforcing the user role when in "user account mode". Enforcing it could mean anything and is up to the application, but one idea is, whenever showing protocols to choose from, to simply filter out and not show any protocols that have this user role attribute and for which the currently logged in user does not match. Something would also have to be done for loading protocols from file.

@ebrahimebrahim
Copy link
Collaborator

ebrahimebrahim commented Apr 17, 2025

Make sure to double check with Peter that this is more or less the model of user-protocol permission relations that he had in mind

@arhowe00 arhowe00 requested a review from sadhana-r April 18, 2025 03:15
@sadhana-r
Copy link
Contributor

sadhana-r commented Apr 18, 2025
edited
Loading

@arhowe00 What did you change in db_dvc? I don't see an allowed_roles field in any of the protocols.

And should all protocols default to include atleast Administrator (or whatever the highest user role is)? Or will an empty list mean that everyone has access?

@arhowe00
Copy link
Contributor Author

arhowe00 commented Apr 21, 2025

@arhowe00 What did you change in db_dvc? I don't see an allowed_roles field in any of the protocols.

Good point. I did run the script and it did not add an empty list to protocols. However, I was able to load the protocol from Database. My guess is that by default, empty lists are not serialized, and a lack of a field for allowed_roles populates the Python object with a field with the list as empty.

And should all protocols default to include atleast Administrator (or whatever the highest user role is)? Or will an empty list mean that everyone has access?

This is to be decided, but I think it's better to specify less unless required. So an empty list means that, if user roles are enforced, nobody has access except for admins. Administrators have access to all data all the time. So if you aren't an admin (e.g. you have the role custom_operator_role), you cannot access the protocol unless your role is added to the protocol.

@arhowe00
Add allowed-roles field to Protocol (#239)
46e0a36 
- Also update db_dvc to include the allowed-roles field in each protocol
@arhowe00 arhowe00 force-pushed the 239-Add-user-roles-to-individual-protocols branch from 8e67019 to 46e0a36 Compare April 23, 2025 16:58
@arhowe00
Copy link
Contributor Author

arhowe00 commented Apr 23, 2025

@ebrahimebrahim I checked off the TODO because you opened this issue in SlicerOpenLIFU (i.e. I did not do anything that I marked TODO). OpenwaterHealth/SlicerOpenLIFU#262

@arhowe00 arhowe00 merged commit a3db17d into main Apr 23, 2025
9 checks passed
@arhowe00 arhowe00 mentioned this pull request Apr 30, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sadhana-r sadhana-r sadhana-r approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Add user roles to individual protocols

4 participants

@arhowe00 @ebrahimebrahim @sadhana-r