Any tool such as JIRA has many ways to control who can do what with it. For example, JIRA has permission, issue type, field configuration and all its other schemes. The number of dimensions of control has at least two consequences - performance and maintenance.
Performance - every piece of information that is shown to a user has to check that it is in fact supposed to be seen
Maintenance - how to define the permissions in a coherent manner, and then how to make them easy to maintain over time and by different people.
I can imagine solutions for the first consequence, since however the constraints are defined they can be converted to data structures that are reasonably efficient for each kind of checking. Not easy, but doable. But I think handling with the second problem is even harder.
For example, JIRA groups these permissions in one way but someone will always want to group them in another totally-unexpected way. How can that be made easier for everyone is not at all clear to me.
I've seen a massive permission matrix (ExtraView) but that was hard to comprehend. Whatever approach is used, a record of changes and differences between two points in time is also necessary for future maintainers.
Performance - every piece of information that is shown to a user has to check that it is in fact supposed to be seen
Maintenance - how to define the permissions in a coherent manner, and then how to make them easy to maintain over time and by different people.
I can imagine solutions for the first consequence, since however the constraints are defined they can be converted to data structures that are reasonably efficient for each kind of checking. Not easy, but doable. But I think handling with the second problem is even harder.
For example, JIRA groups these permissions in one way but someone will always want to group them in another totally-unexpected way. How can that be made easier for everyone is not at all clear to me.
I've seen a massive permission matrix (ExtraView) but that was hard to comprehend. Whatever approach is used, a record of changes and differences between two points in time is also necessary for future maintainers.
No comments:
Post a Comment