Use cases for permissions and visibility

We haven't yet worked out a good security model for users and groups yet. The idea of this page is to collect a list of Use Cases so that we can work out how flexible the system needs to be, and what additional tables and columns might be required in the database. Please add more if you think of anything - this is just a quick initial list.

Project Level:

• A group may want to have one instance of CATMAID running where some projects are visible to any user on the internet, but others are only visible to the group of users who are working on the project.

• You should be able to allow certain users to view all tracings in a project without being able to edit them - in other words, there should be a least the options of "read-only" and "read-write".

• You should be able to assign permissions to projects at a group level, rather than having to specify individual users.

Neuron level:

• It would be nice to be able to mark neurons as "in progress", so every element under them (skeletons and connectors) are displayed in a colour that indicates they're works-in-progress, and show you which user is working on them.

• Perhaps an alternative to the previous one, just allow new neurons to be set to "invisible", meaning that they are only visible to the user who created them. I (@mhl) would prefer them to be visible but marked "in progress", on the basis that then you can avoid accidentally double-tracing neurons.

• @unidesigner suggested that it would be good to be able to state that certain users don't see any annotations other than the skeleton they're tracing out. (This might be a basis for a crowd-sourced tracing effort.)

Skeleton level:

• Certain users might be able to "lock" skeletons, to make them uneditable, for example if they've been reviewed carefully several times.

Node level:

• It would be great to have tooltips (or a status bar update) when you mouseover nodes, telling you:
  1. the user that created the node
  2. roughly when it was last edited (e.g. "3 days ago")