Compile Matrix of ArchivesSpace User Groups per Repository and their Permissions

[crugas]

Make a matrix chart with each ArchivesSpace repository's user groups and their associated permissions. We want to cross compare the user groups and specifically their permissions against each other. This comparison will determine what updates to permissions we need to make so users have more/less features available to them when using ArchivesSpace at each user group when assigned.

The matrix should be structured like so:

• Column = User Group
• Row = Permission
• Sheet = Repository

Requirements:

• Every repository should have the same user groups
• Every user group should have the same permissions across all the repositories
• Permissions should err on the side of more features/capabilities for users where reasonable

Context:

• Every repository should have 11 user groups
  • Default ArchivesSpace User Groups:
    • Managers of the (repository-archive-managers)
    • Project managers of the (repository-archive-project-managers)
    • Archivists of the (repository-archivists)
    • Advanced Data Entry users of the (repository-data-entry-advanced)
    • Basic Data Entry users of the (repository-data-entry-basic)
    • Viewers of the (repository-viewers)
  • SI-specific User Groups:
    • View contact details for agent records (si-agent-contact-info)
    • Create and Edit assessment records, but not change attribute definitions (si-assessments)
    • Create, Edit, Merge authority records (Names and Subjects) (si-authorities)
    • Generate Reports, PDFs (Background Jobs) (si-background-jobs)
    • Create and Edit classification records and terms (si-classifications)

For prior art, see the ASpace query at https://si-confluence.si.edu/display/SIR/monthly+password+report

[crugas]

Draft report available here @fordmadox: report_grouppermissions_2024-12-19.xlsx

[crugas]

• TODO: send out this email today: Permissions_Update_Email-Containers_Archivists-08-01-2025.docx
  • ArchivesSpace listserv and SIASC listserv and SIRIS listserv
• TODO: manually change permissions for Archivists to delete/bulk update top container records on MONDAY
• TODO: add repository specific permissions per column on each user group sheet to highlight any differences between repos
  • Update python script to do the following:
  • Group all repo user groups together
  • Add a column for repo code only
  • Highlight any permissions in group_permissions that are not consistent with ASpace defaults
  • Add columns per repo-user group in each sheet to cross-examine permissions against all_permissions and defaults
  • Add the SI groups as separate sheets si-assessments, si-authorities, si-background-jobs, si-classifications, si-agent-contact-info
  • Mark: Another small useful comparison would be one worksheet with 2 columns: repo, group count; and then another worksheet with 3 columns that lists repo, group name, count of users assigned to that group.
• TIP: keep a constant file in your local repo to keep a list of permissions and user groups for defaults – like listed here: https://github.com/Smithsonian/caas_aspace_group_baselines/blob/3b3260247f43c6f585300c19f1f93a5d1969ce7d/backend/model/repository.rb
• TODO: once all the above is done – schedule another meeting to review rest of permissions groups and standardize user group permissions