Details
-
Type: Sub-task
-
Status: Done/Fixed
-
Priority: Minor
-
Resolution: Won't Do
-
Affects Version/s: HR-1.0
-
Fix Version/s: HR-1.0
-
Component/s: None
-
Labels:None
Description
(This is unassigned because the issue needs better specification.)
Each of the major CivHR extensions – hrident, hrjob, hrmed, hrqual, hrvisa – should define a coarse grained permission:
- access CiviHR identities
- edit CiviHR identities
- access CiviHR jobs
- edit CiviHR jobs
- access CiviHR medical
- edit CiviHR medical
- access CiviHR qualifications
- edit CiviHR qualifications
- access CiviHR visas
- edit CiviHR visas
We can start by declaring these permissions, but we need to figure out the right place(s) at which to enforce these permissions – e.g.
- Hide the relevant tabs in "View Contact"?
- Hide the relevant blocks in "Advanced Search"?
- Hide the internal metadata
- Hide/display things piecemeal – or add generic "permission" support to the CustomGroup system?