Closed
Bug 867958
Opened 12 years ago
Closed 10 years ago
implement the ability to add/remove group membership
Categories
(Marketplace Graveyard :: Admin Tools, enhancement, P5)
Tracking
(Not tracked)
RESOLVED
FIXED
2015-09-01
People
(Reporter: eviljeff, Assigned: eviljeff)
References
Details
The user lookup result page shows which groups a user a member of (e.g. App Reviewers; Senior Theme Reviewer; etc). What is missing is a way of editing these groups once bug 844415 takes away the /admin/ tool [3] that we currently use.
So I propose we either add the functionality to add and remove groups directly to the user lookup result page[1], or to the edit user account page [2]
[1] https://marketplace.firefox.com/lookup/user/631/summary
[2] https://marketplace.firefox.com/users/631/edit
[3] https://marketplace.firefox.com/admin/models/access/group/
To limit exploits this tool wouldn't let include the Admins group be added or removed.
|
||
Comment 1•12 years ago
|
||
We should identify a subset of groups which can be adjusted via the web. I assume you're interested in the reviewer groups?
Severity: normal → enhancement
Priority: -- → P5
|
Assignee | |
Comment 2•12 years ago
|
||
(In reply to Wil Clouser [:clouserw] from comment #1)
> We should identify a subset of groups which can be adjusted via the web. I
> assume you're interested in the reviewer groups?
Yeah, the reviewer groups are the common use case for us. But it might as well work for all the groups if there isn't a significant risk attached to them.
I think we only need to exclude 'Admins'.
|
|
||
Comment 3•12 years ago
|
||
How often are you changing groups? Is filing bugs for ops to run the commands a significant hardship?
|
|
Assignee | |
Comment 4•12 years ago
|
||
(In reply to Wil Clouser [:clouserw] from comment #3)
> How often are you changing groups? Is filing bugs for ops to run the
> commands a significant hardship?
If our onboaring goes as planned we could be adding 50+ reviewers over the next 6 months, and we will be adding them one at a time on prod once they've proven themselves on dev first. When they have met the standard we'll want them live straight away (before their motivation drops off).
Pushing this kind of admin task onto ops isn't desirable for us (or them I would have thought) and just adds extra work.
|
||
Comment 5•11 years ago
|
||
Altering all groups doesn't great. It sound like we need to limit what this API can do. Presumably there's some basic tasks "add user X to reviewer group" or "remove user Y from reviewer group". Anything more fine grained should go through an admin I presume.
|
|
Assignee | |
Comment 6•11 years ago
|
||
I would expect access to be limited to admins. But the groups can be all groups except Admins.
|
|
Assignee | |
Updated•10 years ago
|
Assignee: nobody → awilliamson
|
|
Assignee | |
Comment 7•10 years ago
|
||
I'm writing an API to add a subset of groups and some UI to the lookup tool.
Status: NEW → ASSIGNED
|
|
Assignee | |
Comment 8•10 years ago
|
||
|
|
Assignee | |
Comment 9•10 years ago
|
||
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Target Milestone: --- → 2015-09-01
You need to log in
before you can comment on or make changes to this bug.
Description
•