Details
-
New Feature
-
Resolution: Unresolved
-
Major
-
None
-
1.5.0
-
None
Description
Grouper should support delegation.
This should be for memberships, or for attribute assignments. Not sure if the grouper privileges (e.g. admin on a group) should be delegatable.
So there could be a boolean field on a group which says that all memberships inside are delegatable. Or a specific memberships could have a boolean field which says that the member can delegate to others. Then when that person delegates, there should be a memberId on that membership of who delegated it (and it could have an enabled or disabled date). Would be nice to be able to delegate a role, and have all related privileges also delegate so that the user doesnt have to pick and choose a bunch of stuff.
Currently if you add the members list to the update list, then you have some course delegation. Users in a group can edit the group's memberships. However, users could also remove anyone from the group, not just the person they added. So we should only let non-updaters, who have delegated, remove members who they have delegated.