Feature #1583
Updated by Dominic Cleal about 11 years ago
I have a use case where we want to give readonly access to set of users, but limit it to hosts that are in a specific domain. Currently, I can edit the individual users to set this permission (using the user level filters), but there is no way to do it for a set of users without actually editing each user. I feel that anything that can be set permissions-wise for an individual user, should also be able to be done at the usergroup level. It looks like the main three things that we are missing are: 1) administrator permission 2) assigning roles 3) setting filters It looks like there was a ticket already opened on this topic but it was resolved. http://theforeman.org/issues/1494 One thing that will need to be resolved, is what to do if there are permissions set at both the usergroup level and the user level. (Thing just a union of the permissions is the way to go.)