Ticket #1066 (new enhancement) — at Initial Version
Default reader role too permissive
| Reported by: | dread | Owned by: | dread |
|---|---|---|---|
| Priority: | major | Milestone: | ckan-v1.4-sprint-5 |
| Component: | ckan | Keywords: | |
| Cc: | Repository: | ckan | |
| Theme: | none |
Description
The definition of the 'reader' role includes creating packages, which is too permissive for some CKAN instances (e.g. DGU). 'Reader' suggests only reading, so I think this role should avoid creating and creating.
All projects so far allow public to create users, so this stays as a Reader action for now, as a convenience.
Implementation:
- Action.PACKAGE_CREATE remove from default_role_actions
- Comment written, to describe suggested policy
Note: See
TracTickets for help on using
tickets.
