You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This point was raised by Don Stuckey in the `"roadmap-devs" channel of the "roadmap" group on Slack:
hi @here
in DMPonline, it is possible for any user to assign themselves to any organisation (without authenticating with that org) and therefore see any org's plans;
i understand this is a core design principle in roadmap, as it allows researchers to easily switch their org when they move to another org, and so i understand it is the same in DMPopidor, DMPAssistant, and DMPTool;
however, we have recently had concerns raised by orgs that are not comfortable with any user being able to set themselves to their org and then see their org's plans (and see say names and email addresses of contributors / collaborators of the plan);
so i was wondering if any of you guys have had similar concerns raised, and if so, how have you addressed them with respect to the design and purpose of the core roadmap application code?
The text was updated successfully, but these errors were encountered:
This point was raised by Don Stuckey in the `"roadmap-devs" channel of the "roadmap" group on Slack:
hi @here
in DMPonline, it is possible for any user to assign themselves to any organisation (without authenticating with that org) and therefore see any org's plans;
i understand this is a core design principle in roadmap, as it allows researchers to easily switch their org when they move to another org, and so i understand it is the same in DMPopidor, DMPAssistant, and DMPTool;
however, we have recently had concerns raised by orgs that are not comfortable with any user being able to set themselves to their org and then see their org's plans (and see say names and email addresses of contributors / collaborators of the plan);
so i was wondering if any of you guys have had similar concerns raised, and if so, how have you addressed them with respect to the design and purpose of the core roadmap application code?
The text was updated successfully, but these errors were encountered: