Permissions to read another student's progress #247

janvp · 2021-11-26T22:05:48Z

Hi,

In my project I want to create a custom role. That role should be able to read other student's enrollments and progress through the REST API, but shouldn't be able to edit anything. If I assign the permissions view_students and view_others_students to that role, the role is able to do the request:
GET /students/{id}/enrollments/{post_id}
but not the request:
GET /students/{id}/progress/{post_id}

The role needs to have the edit permissions edit_post and edit_students to be able to read other student's progress.

I suggest that the permission view_others_students would be also a valid permission to read another student's progress, or that a new read permission would be created to be able to read the progress without being able to edit anything.

I had a discussion on this topic in the Slack channel:
https://app.slack.com/client/T0H18E2VB/CCESQHE82/thread/CCESQHE82-1637950147.230000

The text was updated successfully, but these errors were encountered:

thomasplevy assigned eri-trabiccolo Nov 26, 2021

eri-trabiccolo added Severity: Normal Type: Bug Bugs and errors Type: Enhancement Improvements existing features or code and removed Type: Bug Bugs and errors labels Nov 29, 2021

eri-trabiccolo added this to the Future milestone Dec 1, 2021

eri-trabiccolo added this to Development Feb 24, 2022

eri-trabiccolo moved this to Backlog in Development Feb 24, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Permissions to read another student's progress #247

Permissions to read another student's progress #247

janvp commented Nov 26, 2021

Permissions to read another student's progress #247

Permissions to read another student's progress #247

Comments

janvp commented Nov 26, 2021