Issue Number | 93 |
---|---|
Summary | [System] User Roles, Admin Privileges |
Created | 2013-11-04 13:29:19 |
Issue Type | Inquiry |
Submitted By | Juthe, Robin (NIH/NCI) [E] |
Assigned To | alan |
Status | Closed |
Resolved | 2013-12-26 18:25:20 |
Resolution | Fixed |
Path | /home/bkline/backups/jira/oceebms/issue.114545 |
I'd like to revisit the user roles. I'm not sure what can be changed about the user role set up, but I would specifically like to discuss:
1. User role types and visibilities
2. The feasibility of adding admin-like users (me, Victoria) and giving us the ability to create/modify accounts without necessitating that we see everything.
This task will need a lot of analysis.
Depending on the outcome of this discussion and analysis, we may add another issue to investigate the feasibility of creating an admin page or adding certain tasks to the home page for admin users. TBD.
I've asked Alan to take the lead on this effort.
Based on our meeting with Robin, Victoria and Margaret, the following changes were suggested.
ICRDB Managers:
- Add Administrator Tool Tab to Manage Summary Topics for all boards
- Under the Reports Tab > Citation Management, add access to Citation Reports, Not List and Yes List
Admin Assistant:
- On the homepage, under the Citation Management feature, change the link from Review Citations to Full Text Retrieval
- Under the Calendar Tab, add access to the “Calendar Actions” box to Create Event and Show All Events, as well as the ability to edit previously created events (This is already accessible on the QA environment for admin assistant)
- Under the Reports Tab > Citation Management, add access to Citation Reports, Not List and Yes List.
For the users, we discussed the following:
- Change Bonnie to Admin Assistant Role Only (Remove ICRDB Manager Role Access)
- Change Cynthia and Minaxi to Medical Librarian Role Only (Remove ICRDB Manager Role Access)
- Change William to Medical Librarian Role
Further discussions and analysis will be necessary to discuss a possible admin role, with ability to add/modify users, and have access to manage summary topics. We will also need to revisit the Board Member and Board manager roles to ensure all of their system accesses are captured correctly.
Additionally, based on feedback from Robin, the following changes should also be made:
Admin Assistant: (These changes do not need to be made, as indicated in the comment by Robin)
- [Homepage] Add a link for "Review Assigned Articles" on the Literature Surveillance Panel Feature
- [Homepage] Display the Travel Panel
Medical Librarian:
- [On QA - Calendar Tab] Allow Med Librarians to see Month View, Week View and Day View, as well as Upcoming Events (This has been fixed on QA for all user roles)
Board Manager:
- [Literature] Allow board managers to see the "Filter by Board" filter if they are associated with >1 board (This already exists in the system and does not need to be implemented)
- [Reports] Allow board managers to access the Citation Reports, as well as the Not List and Yes List reports
The changes listed above for the admin assistant should not be made. I think I removed X's in those places on the spreadsheet for accuracy; no changes to the system are needed.
Robin Baldwin (a Board manager) currently sees the Filter by Board option as she is associated with >1 Board, so this was also an update to the spreadsheet to reflect the current system. (No changes needed.)
Thank you for clarifying the entries on the spreadsheet - I did notice the orange squares, and thought it was functionality that needed to be added. I will make a note of this in the requirements as well.
An issue that was noted on QA has now been fixed by Bob, and all users should be able to now see the Calendar Tab.
Also - on QA, it looks like the Admin Assistant role has the ability to Create/Edit Calendar entries, as well as toggle between events, so this may no longer be needed to be implemented as indicated in my earlier comment.
Based on our discussions today, Bob will be granting Robin access to the "Site Manager" role on the DEV environment so that she may add/deactivate/modify users, and test to make sure nothing breaks. Robin will use that role to grant Site Manager access to Victoria as a test to see if it works. It was noted that granting more site manager roles may lengthen the time for app scans, as they may choose to appscan using this role as well.
... Bob will be granting Robin access to the "Site Manager" role on the DEV environment ...
Done.
We previously discussed the roles for the assistants who help board managers, and for any future people who, like Deb Price, review articles but are not exactly like Board Managers or ICRDB managers.
At the meeting today the users decided that there is no requirement for special roles for these people. Board Manager assistants will be given the role "Board Manager" and future article reviewers will be given the role "Board Manager" or "ICRDB Manager" based on what they most closely resemble.
I'll be working on this starting today. I'll go through the comments above that show bulleted changes that are not crossed out and implement each one.
I'll post a new JIRA comment for each one that is implemented on DEV and also keep a unified collection of notes for all changes that will have to be propagated by hand to higher tiers. This will include anything that requires us to use the admin interface to assign new permissions to a role rather than by changing software.
If anyone (Victoria?, Robin?) has updates to the bulleted requirements, please post them when possible.
> [Reports] Allow board managers to access the Citation Reports, as well
> as the Not List and Yes List reports
On DEV and in svn. Since the not list and yes list reports are not yet implemented, I put them at the bottom.
Admin Assistant:
> Under the Reports Tab > Citation Management, add access to Citation Reports,
> Not List and Yes List.
Also on DEV and in svn. The change for Board Managers automatically included Admin Assistants.
ICRDB Managers:
> Under the Reports Tab > Citation Management, add access to Citation Reports,
> Not List and Yes List
Implemented, same as above.
> Add Administrator Tool Tab to Manage Summary Topics for all boards
This one gives us some choices. Currently, we have only three main
menus:
- Librarian
- Board Member
- Everybody else (i.e., Board Manager, ICRDB Manager, Administrative
Assistant)
They have priority in that order, i.e., if you have the librarian role,
you see the librarian's menu - whether or not you have other roles. If
you're not a librarian but are a board member, you see that menu.
Otherwise you see the everybody else menu.
There is a comment in the code that says: "Slice the roles finer as
development evolves."
I can think of several ways to change this:
1. Create separate menu listings for each role and dynamically combine
them.
We would need up to seven of these for our seven defined roles:
Admin assistant
Board manager
Board member
ICRDB manager
Medical librarian
Site manager
Administrator (i.e. Drupal administrator)
If a user had more than one role, we'd have to combine them. For
example, assume that a person is a site manager and a librarian, and
the site manager can do something that the librarian can't do and
vice versa.
A person with the librarian role and no other would see the
librarian menu. A person with the site manager role and no other
would see the site manager menu. But a person who was both would
have to get all of the entries from both, deduplicated of course.
This is more complicated than what we have but not very hard. What
would be easiest would be to go down the roles in some priority
order and set the base menu for a user to be that of the first
role encountered that she has. Then keep going and if the user also
has other roles, append any menu entries that are in that role but
not in the list so far.
This offers more flexibility for future changes.
If we need to implement the ability to pick and choose where the
extra menu entries insert themselves, that would offer still more
flexibility, but add to the cost.
2. Leave things as they are but insert the Administrator Tool Tab into
the "Everybody else" menu if and only if the person is an ICRDB
manager.
I propose to do the following:
a. Leave this alone for the moment and work on other permission
changes.
b. If no other permission change requires a new division of menus, then
use method 2 above - but add comments to the code about an
alternative approach.
c. If something else requires a new division of menus, then reconsider
method 1.
If I hear no comments to the contrary, that's what I'll do.
[Note to myself: this is in common.inc, Menu::init().]
Actually, there is another approach that is very easy.
If it turns out that there are no people who have two roles that have
mutually exclusive menu entries, we don't need, at least for now, the
mechanism for combining entries from two roles. I just need to add the
following:
ICRDB manager (new)
Librarian, as now
Board member, as now
Everybody else, as now
This would be Real Simple, just as simple as Method 2 and easier for the
next programmer to look at this to understand.
If I don't encounter any other changes or comments that require more
complication, I'll probably do that one.
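The merge described under method 1 above, together with a check for the condition that makes the simpler fixed-priority approach sufficient (no account holds two roles with mutually exclusive menu entries). This is an added example, not code from common.inc or the EBMS project; the priority order, menu contents and accounts are assumptions constructed for illustration.

```python
from itertools import combinations

# Role names come from the thread. The priority order, the menu contents and
# the accounts below are constructed for illustration; they are not EBMS data.
PRIORITY = ["Medical librarian", "Board member", "ICRDB manager", "Site manager"]
ROLE_MENUS = {
    "Medical librarian": ["Citation Management", "Reports"],
    "Board member": ["Literature", "Calendar"],
    "ICRDB manager": ["Citation Management", "Reports", "Administrator Tool"],
    "Site manager": ["Calendar", "Reports", "Manage Users"],
}
USERS = {  # constructed accounts
    "user_a": {"Medical librarian", "Site manager"},
    "user_b": {"Medical librarian", "ICRDB manager"},
    "user_c": {"Board member"},
}


def build_menu(user_roles, priority=PRIORITY, role_menus=ROLE_MENUS):
    """Method 1: base menu from the first role held, then append unseen entries."""
    menu = []
    for role in priority:
        if role not in user_roles:
            continue
        for entry in role_menus.get(role, []):
            if entry not in menu:  # deduplicate, keeping first position
                menu.append(entry)
    return menu


def users_needing_merge(users, role_menus=ROLE_MENUS):
    """Accounts with two roles whose menus each hold an entry the other lacks."""
    flagged = {}
    for user, roles in users.items():
        for a, b in combinations(sorted(roles), 2):
            menu_a = set(role_menus.get(a, []))
            menu_b = set(role_menus.get(b, []))
            if menu_a - menu_b and menu_b - menu_a:
                flagged.setdefault(user, []).append((a, b))
    return flagged


if __name__ == "__main__":
    for name, roles in USERS.items():
        print(name, build_menu(roles))
    print("merge required for:", users_needing_merge(USERS))
```

If `users_needing_merge` returns an empty mapping for the real accounts, a single menu per user chosen by priority loses nothing; any account it lists would lose entries without the merge.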
Admin Assistant:
> On the homepage, under the Citation Management feature, change the
> link from Review Citations to Full Text Retrieval
It looks like this is already done. Or am I misinterpreting something?
Alan - "It looks like this is already done. Or am I misinterpreting something?"
On QA, on the homepage for admin assistant, in the Features panels section under Citation Management, I see 3 options: Search Database, Review Citations, and Add Citation. The request was to remove the Review Citations link, and change it to Full Text Retrieval.
This is not the same as the dropdown menu that appears when you hover over the Citation Management tab, but rather what appears on the homescreen itself below. I've attached an image circling the area that needs this change for clarification.
Ah, now I understand. I'll fix it.
> * Change Bonnie to Admin Assistant Role Only (Remove ICRDB Manager
> Role Access)
>
> * Change Cynthia and Minaxi to Medical Librarian Role Only (Remove
> ICRDB Manager Role Access)
>
> * Change William to Medical Librarian Role
This turns out to be a case of what the right hand gaveth (in my adding
reports to some of the menus), the left hand tooketh away. [Are
"gaveth" and "tooketh" the right Shakespearean era past tenses?]
It turns out that some of the functions now available to these users are
only available because they are ICRDB Managers.
I can put items on the menus and take them off again but actually using
the menu functions requires a further level of permissions. For
example, with no other changes to the user permissions except removing
the ICRDB Manager role, Bonnie's permissions change as follows. Those
items marked with '+' are still there. Those marked with '-' are lost
when the ICRDB Manager role is taken away.
Citation Management
  + Full Text Retrieval
  - Search Database
  - Import Citations
  - Not List Maintenance
Calendar
  + [All Okay]
Literature
  + [All Okay]
Summaries
  + [All Okay]
Reports
  - Board Management
  - Citation Management
Travel
  + [All Okay]
If I add the "Perform Administrative Tasks" permission to the "Admin
Assistant" role, then some, but not all, of the tasks come back.
Examples:
Citation Management
  + Full Text Retrieval
  - Search Database
  - Import Citations
  - Not List Maintenance
Reports
  + Board Management
    + Documents
    + Meeting Dates
    - Hotel Requests
    - Reimbursement Requests
    + Board Membership
  + Citation Management
    + [All okay]
To get the Citation Management tasks, I have to add "Manage Citations"
to the "Admin Assistant" permissions. To get the two missing Board
Management Reports I need to add the Webform "Access all webform
results" permission to Admin Assistant.
I'm going to go ahead and make those changes, remove the ICRDB Manager
role from Bonnie, and retest.
Then I'll have to do a similar check for the Medical Librarian role.
I think these changes are relatively safe but it's hard to be sure.
They are completely safe from the point of view of granting permissions
to Admin Assistants. All the permissions I am adding they already had
as ICRDB managers. On balance they will lose a significant number of
permissions and gain no new ones. However it is possible that there is
a permission check somewhere in the depths of one of the functions that
blocks Bonnie from doing something. If so, the solution is:
Temporarily restore the ICRDB Manager role to Bonnie.
Hunt down the problem and fix it.
Remove the ICRDB Manager role from Bonnie.
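The role-removal analysis in the comment above, modelled as an added example (not part of the thread, and not EBMS or Drupal code): it lists the functions that stop working when a role is removed regardless of what the menu shows, the permissions the remaining role needs to keep them, and which accounts holding that role would receive a permission they did not have before. The three quoted permission names and the entry-to-permission mapping follow the comment; "retrieve full text" and the account "test_assistant" are hypothetical.

```python
# Constructed model of the role change discussed above; not EBMS or Drupal code.
# Permission names quoted in the thread are used verbatim. "retrieve full text"
# and the account "test_assistant" are hypothetical, added for illustration.
ROLE_PERMS = {
    "ICRDB Manager": {"Perform Administrative Tasks", "Manage Citations",
                      "Access all webform results"},
    "Admin Assistant": {"retrieve full text"},
}
# Menu entry -> permission enforced when the function behind it is used.
ENTRY_REQUIRES = {
    "Citation Management > Full Text Retrieval": "retrieve full text",
    "Citation Management > Search Database": "Manage Citations",
    "Citation Management > Import Citations": "Manage Citations",
    "Citation Management > Not List Maintenance": "Manage Citations",
    "Reports > Board Management > Documents": "Perform Administrative Tasks",
    "Reports > Board Management > Meeting Dates": "Perform Administrative Tasks",
    "Reports > Board Management > Hotel Requests": "Access all webform results",
    "Reports > Board Management > Reimbursement Requests": "Access all webform results",
    "Reports > Citation Management": "Perform Administrative Tasks",
}
USERS = {
    "Bonnie": {"Admin Assistant", "ICRDB Manager"},
    "test_assistant": {"Admin Assistant"},  # constructed account
}


def effective(roles, role_perms):
    """A user's permissions are the union over every role held."""
    return set().union(*(role_perms.get(r, set()) for r in roles))


def unusable_entries(roles, role_perms):
    """Entries whose enforced permission is missing, whatever the menu shows."""
    perms = effective(roles, role_perms)
    return sorted(e for e, p in ENTRY_REQUIRES.items() if p not in perms)


def plan_role_removal(user, role, keep_entries):
    """Permissions the remaining roles still need so keep_entries keep working."""
    remaining = USERS[user] - {role}
    return {ENTRY_REQUIRES[e] for e in keep_entries} - effective(remaining, ROLE_PERMS)


def users_gaining(target_role, added_perms):
    """Accounts that would hold a permission they lacked before the grant."""
    gained = {}
    for user, roles in USERS.items():
        if target_role in roles:
            new = added_perms - effective(roles, ROLE_PERMS)
            if new:
                gained[user] = new
    return gained


if __name__ == "__main__":
    print(unusable_entries(USERS["Bonnie"] - {"ICRDB Manager"}, ROLE_PERMS))
    needed = plan_role_removal("Bonnie", "ICRDB Manager", list(ENTRY_REQUIRES))
    print(sorted(needed), users_gaining("Admin Assistant", needed))
```

A grant made to a role applies to every account with that role, so `users_gaining` is worth running against the full account list before the permission change is promoted to a higher tier.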
Alan - I think that at the end of this, we are looking for all of the different user roles to have accessibility matching what we had captured on the spreadsheet (I have attached the latest copy of this for reference as well).
Thanks. I'll go through the spreadsheet, but it's probably best for you to double check and make sure I haven't missed or misunderstood anything.
Are "gaveth" and "tooketh" the right Shakespearean era past tenses?
No. Only the second person singular had a form which we would now consider archaic in the simple past ("preterit") tense ("thou gavest"). Both second ("givest") and third person ("giveth") singular had such forms in the present tense, though. But we digress. :-)
> * Change Cynthia and Minaxi to Medical Librarian Role Only (Remove
> ICRDB Manager Role Access)
If I remove the ICRDB role from the librarians the following appears to
occur:
Reports
  + Documents
  + Meeting Dates
  - Hotel Requests
  - Reimbursement Requests
That's okay I think. According to Victoria's spreadsheet I should
remove all of these from the Librarian's purview, so it won't matter if
they no longer have permission to run a couple of them. I'll work on
taking them off the menu and just have Citation Management reports
available on the Librarians' "Reports" main menu.
Everything else looks to be what we want.
I think this task is complete. I have modified a number of program files and put them into svn and they are running on DEV.
I've also produced a document detailing the tasks that must be performed manually. There are a number of them, involving changing the permissions allocated to Administrative Assistants and changing the roles for several users. I'll attach that document to this issue.
Instructions for manual steps to change permissions and roles for this task.
Alan, looking at this on DEV and comparing it to my spreadsheet, I noticed that you commented earlier about removing the board management reports completely from med librarians, but on my spreadsheet, I had actually indicated that they would like to see Documents and Meeting Dates under Board Management for med librarians. Would it be possible to put this back in for them? I will continue looking through, and let you know what else might need to be added/changed.
I'll do that.
Looking at this on DEV, I saw that adding the Administrator Tool tab to the ICRDB manager's role pushes three of the other tabs onto a second line. I think it looks kind of messy, but I'm sure it would be difficult to squeeze them all onto one line. As an alternative, could we add a link to the "Manage summary topics" page (since that's all that's contained in the Admin Tool menu) to the list of Administrative Tasks in the box on the home page? Would that be feasible?
Admin assistants should have the ability to create and edit events and view the show own events/show all events toggle. I'm logged in as Bonnie Ferguson but I do not see them.
Admin assistants should also be able to edit the directions, local travel, and long-distance travel pages under the travel tab. It looks like the test admin assistant can do this on QA but Bonnie cannot do this on DEV.
Sorry, I've been absorbed with a major overhaul of import error processing and haven't gotten back to this roles issue. I finished that and should be able to focus on the roles. Victoria Sun found a number of things that need fixing, and I'll add yours to them. I'll be in on Monday and Tuesday next week and will try to get everything fixed up in time for more testing during the week.
Bob says that the right approach to the menu bar is to dynamically make the font smaller for users whose menu bars are too wide. I'll explore that.
Board Management reports have been restored for librarians, but now with only two reports instead of the larger menu they once had.
On DEV and in svn.
I followed Bob's advice on handling the long menu for ICRDB Managers by shrinking the font. If that doesn't pass the aesthetics test, we can either tweak it some more, or I can try Robin's approach of putting it in the "Administrative Tasks" box - though I'll want to get all of the permissions right first before we tweak the aesthetics.
On DEV and in svn.
Bonnie's (and any other admin assistant's) ability to create and edit events and toggle the show own / all events display is installed on DEV. This requires changes in the People / Permissions administration screen. Instructions have been added to the file that shows how to do that. I will upload the modified version after looking at any other required changes.
Version 2 of the changing permissions instructions.
I have applied the changes to QA. Two corrections to the instructions:
Site managers can't do the first step (change role permissions); CBIIT will have to do that when we get to STAGE and PROD.
For removing the ICRDB manager role from admin assistants, the easiest (and least susceptible to error) is to check the accounts to be changed, and use the dropdown action list to remove the ICRDB manager role in a bulk action.
Ready for testing on the QA tier.
Updated instructions for modifying permissions.
After some searching, I think I fixed the last of the permissions issues - which was to enable the Admin Assistant role to see all forums. The fix will require exporting the most recent version of ebms_forums.module from subversion to QA.
I have promoted that last change to QA.
Now that I am a site manager on QA, the HTML editor pages (calendar events, travel pages, etc.) look very different. I think this is the back-end view.
We've noticed a few permissions items that are not in accordance with the spreadsheet. None of these are critical and it's late to make any changes, so let's plan to make these adjustments in the next release.
Admin assistants do not have the following abilities (and should):
1. Create a forum.
2. Edit a forum.
3. View archived topics.
ICRDB managers should have a link to "Review citations" (their queue) on the citation management panel on the home page. They should NOT have a link to "Full text retrieval" (this is a broken link since they do not have access to that page).
Verified on QA (mostly). I would like to revisit the items in my previous two comments in the next release. Thank you!
I believe I have corrected the gap in the admin assistant's forum permissions on QA. Want to take another look?
I verified the following on QA.
Admin assistants now have the following abilities:
1. Create a forum.
2. Edit a forum.
3. View archived topics.
Thank you!
Home page citation management panel fixed for ICRDB managers.
Verified on QA.
Verified the permission changes for each of the roles on production.
We did not verify the new site manager role for Victoria and me; the back-end view of some pages is not ideal, so we'd like to consider whether there are any other ways to give us admin privileges that do not affect our HTML editor pages in the next release.
File Name | Posted | User |
---|---|---|
AdminAssistant_CiteMSPanel.bmp | 2013-12-26 08:31:05 | |
ChangePermissionsInstructions.txt | 2014-01-06 21:14:05 | |
ChangePermissionsInstructions.txt | 2013-12-26 18:28:20 | |
ChangePermissionsInstructions2.txt | 2014-01-08 00:47:47 | |
EBMS_UserRoles_SiteAccess (12-23-2013).xls | 2013-12-26 13:56:00 | |