CSNS2 Security Implementation
Department
Requirements
- System admin can create departments.
- Department admin can edit their own department, such as changing the logo and theme, and adding/removing faculty, instructors, and courses.
In theory, the department name abbreviation (e.g. cs) should not be changed once a department is created, because doing so may break the department role check. Right now it can be changed by the system admin.
Implementation
- /admin/** requires sysadmin.
- DepartmentDao.saveDepartment() requires system or department admin.
- The following controller methods require department admin:
  - DepartmentUserController.operation()
  - DepartmentCourseController.operation()
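Why changing the abbreviation can break the department role check, and one way a rename could keep existing grants attached, shown as an added example that is not CSNS2's own code. It assumes department roles are stored as strings of the form DEPT_ROLE_<KIND>_<abbreviation>, that the sysadmin role is named ROLE_ADMIN, and that abbreviations contain no underscore; the class and method names are hypothetical.

```java
import java.util.HashSet;
import java.util.List;
import java.util.Set;
// Added illustration; role naming and all names below are assumptions, not CSNS2 source.
public class DeptRoleCheckDemo {
    static class Department {
        String abbreviation;
        Department(String abbreviation) { this.abbreviation = abbreviation; }
    }
    static class User { final Set<String> roles = new HashSet<>(); }

    // Assumed naming scheme: the department abbreviation is baked into the role string.
    static String deptRole(String kind, String abbreviation) {
        return "DEPT_ROLE_" + kind + "_" + abbreviation;
    }

    // The kind of check the page places on DepartmentDao.saveDepartment():
    // system admin, or admin of this particular department.
    static boolean canSaveDepartment(User user, Department dept) {
        return user.roles.contains("ROLE_ADMIN")
            || user.roles.contains(deptRole("ADMIN", dept.abbreviation));
    }

    // Rename that rewrites every role string scoped to the old abbreviation.
    static void renameAndMigrate(Department dept, String newAbbr, Iterable<User> users) {
        String suffix = "_" + dept.abbreviation;
        for (User u : users) {
            Set<String> migrated = new HashSet<>();
            for (String r : u.roles) {
                boolean scoped = r.startsWith("DEPT_ROLE_") && r.endsWith(suffix);
                migrated.add(scoped ? r.substring(0, r.length() - suffix.length()) + "_" + newAbbr : r);
            }
            u.roles.clear();
            u.roles.addAll(migrated);
        }
        dept.abbreviation = newAbbr;
    }

    public static void main(String[] args) {
        Department cs = new Department("cs");
        User alice = new User();                    // constructed sample user
        alice.roles.add(deptRole("ADMIN", "cs"));
        System.out.println(canSaveDepartment(alice, cs)); // role string and abbreviation agree
        cs.abbreviation = "cse";                    // naive rename: roles still end in _cs
        System.out.println(canSaveDepartment(alice, cs)); // grant no longer matches the department
        cs.abbreviation = "cs";                     // reset, then rename with migration
        renameAndMigrate(cs, "cse", List.of(alice));
        System.out.println(canSaveDepartment(alice, cs)); // grant follows the rename
    }
}
```

Under this assumed naming, a role string left behind by a naive rename would also match any department later created with the old abbreviation.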
User
Requirements
- General user management operations such as add, edit, and disable require sysadmin, department admin, or department faculty.
- Users can edit their own account profile.
- Temporary user accounts may be created during roster/grade import.
Implementation
- /user/** requires sysadmin, department admin, or department faculty.
- /profile requires authenticated users.
- /register requires authenticated users with temporary accounts.
Course