Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-169994

As a power user, I want to have dedicated permissions generated for my standalone actions

Details

    Description

      Context

      There are cases where actions are not triggered by any automated event from the application, as the current "action builder", you can set many different types of triggers and conditions, as "on after create" an entry for example. In many use cases, there is no such a trigger, but a direct command from the user, as "approve", "assign to me", "reject" and so on. All of those examples are cases where there is a pre-defined action that is only executed when the user selects it.

      For privacy and security reasons, those actions must work with dedicated permissions, the same way CRUD actions works.

      Use Cases

      • In a task management system, users who have the proper permissions and want to quickly assign a task to themselves clicking on "assign to me";
      • In a order management system, users who have the proper permissions and want to quickly accept an order by clicking in "accept";
      • In a ticketing system, the user who have the proper permissions and wants to quickly close the ticket that is already solved clicking on "close ticket";
      • In a learning platform, the user who have the proper permissions and  wants to favorite a course;

      Design Deliverables

      Mochup Link

      Refinement Link

      Acceptance Criteria

      • Power users must be able to manage standalone action permissions
        • In Role Management
        • In the object definition permissions
      • Only allowed users can see the action on the drop-down list 
      • When the action is disabled, it won't be displayed even if the user has the proper permission
      • When the action is disabled, it must not be executed even if the user has the proper permission 
      • When the action is deleted, the permission should be deleted too

      Additional Information

      • This story only considers permissions for Regular Roles.
      • The standalone action should not be available for the Guest Role.
      • Standalone actions does not work for System Objects yet.  

      Definition of Done (DoD)

      • All Acceptance Criteria were passed;
      • Make sure that the expected automated tests were created (unit / integration / functional) and passed successfully;
      • Validated by QA and Product Manager;
      • No blockers related to Story scope (FP5);
      • Make sure that all system documentation tickets are created;

      Attachments

        Issue Links

          Activity

            People

              ana.buchmann Ana Buchmann
              luiz.jardim Luiz Jardim
              Ana Buchmann Ana Buchmann
              Julia Lira
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Packages

                  Version Package
                  Master