Ticket #1066 (new enhancement) — at Initial Version

Opened 3 years ago

Last modified 3 years ago

Default reader role too permissive

Reported by: dread Owned by: dread
Priority: major Milestone: ckan-v1.4-sprint-5
Component: ckan Keywords:
Cc: Repository: ckan
Theme: none

Description

The definition of the 'reader' role includes creating packages, which is too permissive for some CKAN instances (e.g. DGU). 'Reader' suggests only reading, so I think this role should avoid creating and creating.

All projects so far allow public to create users, so this stays as a Reader action for now, as a convenience.

Implementation:

  • Action.PACKAGE_CREATE remove from default_role_actions
  • Comment written, to describe suggested policy
Note: See TracTickets for help on using tickets.