Permissions
The system supports permissions that can be granted to users directly, or more commonly by group membership.
Django permissions
Django provides a set of built-in permissions by default for every model:
- View
allows the user to view objects without making changes
- Add
allows user to create a new instance of the model
- Change
allows user to make modification to existing model
- Delete
allows user to delete the model (in django admin), or unpublish in dashboard.
See also
Custom permissions
The project implements the following permissions in addition to those provided by django:
Name |
Code |
Notes |
|---|---|---|
Can view admin dashboard |
|
|
Change document owner |
|
Enables user to edit the “owner” field of the document |
Approve document version |
|
|
Approve all document versions in institution |
|
|
Allow user to export documents |
|
|
Allow user to export documents report |
|
|
Can edit archived document |
|
Allows user to edit documents that have been archived |
can view all forms if none selected |
|
Gives user access to all forms within their institution,
except when they have per form permissions, in which case user can only access
forms they were explicitly granted access to
(subject to change by Task #26793)
|
Change auditor passwords |
|
Whether user is allowed to change another user’s password |
Change group membership |
|
|
Change auditor permissions |
|
|
Can receive instant report emails |
|
Allows user to receive report e-mails addressed to lead auditors |
Change submission date in client app |
|
Allows user to edit start/end dates of audit
before submission (depends on form settings)
|
View credits assigned to an audit form |
|
|
Change credits assigned to an audit form |
|
|
View all form content via the API, including the pks of unpublished observations. |
|
|
Can send push message |
|
allows user to send push messages | to user devices |
Can edit disabled QIP issue fields |
|
|
can view all issues |
|
Allows the issue handler to view all issues | within institution, not just issues assigned to them. |
Can export issues |
|
|
Can edit read only custom issue field |
|
|
Can change all fields, even if they’re read only. |
|
|
Can change confidential fields. |
|
|
Can change a locked observation. |
|
|
Can change approvers while observation is pending review. |
|
|
Can export observations |
|
|
Can revoke another user’s |
|
|
Can import QIP issues |
|
|
Can export institutional data |
|
Allows the user to export users, wards and departments.
|
Can use document AI chat |
|
Allows the user to use AI chat when viewing a published document version
|
Per-form permissions
Auditors can have additional permissions or ward access for certain forms.
This is implemented in AuditorFormPermissions.
Permission cache
Due to complex nature of permissions (permission group membership, form permissions) and ward access,
permissions are compiled into AuditorPermissionCache model.
See also
The cache model was implemented in Task #27900, and is being used since task Task #27956.
A separate instance of the model exists for each auditor and form combination. It aggregates total list of permissions and wards the user can access, including permissions and wards they inherit global access from.
Note
Besides permissions per form, the permission cache model also contains an additional instance where form is blank. This reflects the permissions the user has globally.
Note
Global users:
Permissions resulting from global access are not represented by AuditorPermissionCache,
as caching all permissions for all forms would result in a lot of computing and storage resources. Superusers are assumed to have access to everything.
This usually means that user has access to the form with all its wards and permissions, but will not show up for other non-global users.
Troubleshooting User Permissions
User Permissions: The permission cache admin page allows you to troubleshoot permissions. Although permission cache is updated automatically whenever user account changes or when user logs in, it is possible to update it manually:
- Using django admin
Go to user profile admin and invoke “update form permissions” action for the selected users
- Using command-line tool
Run ./manage.py update_user_perms to update for all users and all forms. The tool accepts various parameters that allows you to narrow down the scope of the update, or only create missing permissions:
$ ./manage.py update_perm_cache --help usage: manage.py update_perm_cache [-h] [--institution_id INSTITUTION_ID] [--user_id USER_ID] [--auditor_id AUDITOR_ID] [--create]
Troubleshooting Folder Permissions
The folder permission cache admin page allows you to troubleshoot folder permissions. Although permission cache is updated automatically whenever folder structure or user permissions changes or when user logs in, it is possible to update it manually:
- Using django admin
Go to user profile admin and invoke “update folder permissions” action for the selected users
- Using command-line tool
Run ./manage.py update_folder_perm_cache to update for all users and all folders. The tool accepts various parameters that allows you to narrow down the scope of the update, or only create missing permissions:
$ ./manage.py update_folder_perm_cache --help usage: manage.py update_folder_perm_cache [-h] [--institution_id INSTITUTION_ID] [--user_id USER_ID] [--auditor_id AUDITOR_ID]