WIP: Granular permissions and role changes
Permissions & Teams
So far this only implements the role changes from #2 (closed).
TODO:
- Data migration to move existing users into sensible roles.
- Team permissions
Current situation
Actions requiring login
- Viewing index
- Getting server list
- Adding a server
- Viewing heartbeat information
- Viewing notifications
- Changing your contact methods/timezone/toggle pages
- Sending a custom message
Actions requiring 'admin'
- Changing heartbeat configuration
Actions requiring 'admin' OR 'pagerpeeps'
Pagerpeeps is created with the database but this is the only place it is used.
- Performing a handover
Improvement Plan
New roles
- Guest
- Trainee staff
- On-call staff
- Team manager
Guests can
- View index (has name of current on-call user)
- Change their contact methods/timezone BUT NOT toggle pages
Trainees can
All above actions, and:
- View server list
- View notifications
- View heartbeat information
- Toggle (failure) pages for their contact methods
On-call can
All above actions, and:
- Perform handovers
- Send custom messages
- Configure heartbeats
- Acknowledge alerts that failed to send
Team manager can
All above actions, and:
- Add servers
- Create users in their team
- Assign and change permissions of all users in their team
Closes #2 (closed)
Edited by Zac Pullar-Strecker