Many Objects in in Square² can be associated with different privileges per user or group. As these objects can be referenced in different context throughout the app, this list tries to capture:
1. The consequences of different privileges for different contexts (Answer questions as "Does (and how, if) the use-privilege on a variable affect the users' ability to register a quality report that uses a variable selection containing said variable?")
2. Which privileges are dependent on privileges on different objects
(2. Which privileges are dependent on privileges on different objects)
### 1. Privilege Consequences
| Object | Privilege | Consequences |
| ------: | :------: | :-------|
| **Data Collection ** | change | cell |
| -> | use | cell |
| **Department** | read | cell |
| -> | write | cell |
| -> | use | cell |
| **Variable** | read | cell |
| -> | write | cell |
| -> | use | cell |
| **Variable Selection** | read | cell |
| -> | write | cell |
| -> | use | cell |
| **Release** | change | cell |
| **R-Function** | read | cell |
| -> | write | cell |
| -> | test | cell |
| **Data Collection ** | change | Change definition, user privileges and process variables of collection. Delete collection |
| -> | use | View collection in list (Study Overview), independent of collection list in study structure |
| **Department** | read | View department in list (Study Structure), independent of visibility in variable selections |
| -> | write | Edit department definition and user privileges, delete department |
| -> | use | ?? |
| **Variable** | read | View variable in list (Study Structure), independent of visibility in variable selections |
| -> | write | Edit variable definition and user privileges, delete variable |
| -> | use | ?? |
| **Variable Selection** | read | View variable selection in list |
| -> | write | Edit variable selection definition and user privileges, delete selection. |
| -> | use | Use variable selection in a quality report |
| **Release** | change | View Release in List, edit Release definition, group rights etc. Delete release. |
| **R-Function** | read | Changes nothing (?) |
| -> | write | Changes nothing (?) |
| -> | test | Changes nothing (?) |
**Note:** Variable selections seem to have a constraint so that the privileges for a user need to make the sentence `read <-> (write V use)` true (where V is inclusive or).
### 2. Privilege Interdependence
### Open Questions:
Do Roles supervene rights (e.g in case of statistics, can a `statisticadmin` change things they have no privileges on but a `statistic` not)?
**Note:** Variable selections seem to have a constraint so that the privileges for a user need to make the sentence `read <-> (write V use)` true (where V is inclusive or).
