Upgrade StorageRoles for group libraries: a proposal
In various places we've seen requests for additional roles and a more fine-grained permission system in group libraries ([1], [2], [3], and links therein). My goal here is to make a very specific proposal in the hope to spur development of the groups functionality.
Although a finegrained permission system (where permissions can be set per user) would be the most flexible, a useful first way to implement it would be to have something like the following set of user roles:
Notes:
* the "viewer" role is essentially what is currently the anonymous user who comes by and browses a public group. However, non-public groups too would be helped by such a role, as in cases where you want to share a bibliography with someone without giving them access to all your PDFs.
* all user roles can can be given to multiple users, except for the "owner" role, of which there always has to be only and can be no more than one one.
* I have not thought deeply about what the respective user roles should be able to do with notes and attachments, but a reasonable first stab would be to inherit permissions from top-level items. I am aware however that some have requested that permissions for top-level items and attachments be manageable separately so this may need more thought.
Although a finegrained permission system (where permissions can be set per user) would be the most flexible, a useful first way to implement it would be to have something like the following set of user roles:
- viewer: can only see items (but not notes or attachments)
- subscriber: can see items, notes and attachments
- contributor: can add items, notes and attachments, and edit/remove only their own contributions
- editor: can add, edit and remove all items
- administrator: can do all the above plus group rename, delete, and managing user roles
- owner: is an administrator to whose storage the group attachments are counted (there can be only one owner)
Notes:
* the "viewer" role is essentially what is currently the anonymous user who comes by and browses a public group. However, non-public groups too would be helped by such a role, as in cases where you want to share a bibliography with someone without giving them access to all your PDFs.
* all user roles can can be given to multiple users, except for the "owner" role, of which there always has to be only and can be no more than one one.
* I have not thought deeply about what the respective user roles should be able to do with notes and attachments, but a reasonable first stab would be to inherit permissions from top-level items. I am aware however that some have requested that permissions for top-level items and attachments be manageable separately so this may need more thought.
The aim is of course to have a fairly large contributor base of Zotero users who can add references, BUT, and that's a fairly large but, in the current set-up it would only take one careless or otherwise haphazard user with editing rights to delete substantial parts of the bibliography.
My ideas on 'viewers' and 'subscribers' are less definite, but having 'contributors' separately from 'editors' would be a huge bonus for my use case.
And perhaps 'owners' could be 'administrators' and thus several people in one group?
I would appreciate any information on how this proposal fares in the eyes of the developing powers that be. From the many threads in the forums it appears many users are looking forward for the groups functionality to improve. However, since much of the discussion is somewhat diffused and distributed over many threads, I'm hoping a concrete proposal is a useful contribution.
(I apologize for being a forum-only user, but I simply cannot keep tabs on all the different dev resources and yet I am interested in learning what happens when I spend time proposing interface improvements like this — and whether I should keep doing it...)
Things related to groups and the web interface are almost never discussed on zotero-dev and website changes only appear on trac when they are implemented - so core devs would be the only people to say.
Hoping to hear further details about this from other devs.
I am seriously using Zotero Groups in a handful of projects now and we run into these limitations quite often, as when people inadvertently delete items or attachments. And even though we would like to share the group library more widely, we find we simply cannot do it until more fine-grained viewing and subscribing options are in place — and until default views for public bibliographies are more sensible and pretty.
If this _really_ can't be done the folks at Zotero might be willing to help you out, but I don't know the protocol for that.
Just wanted to support Mark's proposal and offer one suggestion. I've got a group that's currently in development mode and have wanted to expand the mmembers, but have been concerned about deletions.
Mark obviously has put a bit of thought into the member types and I can't see much fault. I am a fan of KISS, but I don't think he's made it too complicated.
The one suggestion I might make is to think about limiting the ability to "empty the trash". Deletions is the key issue I think. If these were "reversible" until cleared by someone with higher level privileges, would go a long way to addressing concerns.
More complicated, but potentially more useful, would be a change log where all changes could be reviewed. On balance I think the pareto optimal solution is to just restrict the rights to empty the trash.
Cheers, Brian
Also, I agree with many of the concerns here (especially the deleting problem) and I think that what Mark proposed could be very important, especially the idea of many contributors that can work only on their own contribution, with a small number of editor (maybe even only one) that are responsible for the overall bibliography.
I will stay with Zotero as long as I am confident that something similar will eventually be implemented, otherwise I will have to find a new tool.