I wonder if this might make more sense after a revision of the permissions structures. What I mean by that is:
- I think that a report on permissions would be useful for debugging on the unit admin side why some people seem to be able to do things and why other can’t.
- I think that more granular permissions settings/data would be more useful, but doesn’t really exist right now. For example, as @SteveCagigas pointed out indirectly, the meaning of Full Control changes depending on whether or not the individual is a parent or a leader.
It seems like a hypothetical more granular permissions structure (which I assume is somewhere in the to-do list) would allow directly setting (and therefore investigating) who can execute tasks like:
- mark Completed (Currently anyone with Edit Advancement or Full Control)
- mark Leader Approved (Currently any Leader with Edit Advancement or Full Control)
- mark Awarded (Currently any Leader with Edit Advancement or Full Control)
- edit connections (Anyone with Full Control? Just parents and unit admins?)
- edit profile data (Anyone with Edit Profile or Full Control, except certain data which is only editable by support)
The potential complexity of this brings to mind the *nix permissions structure with some combination of r/w/x for each of the User-Group-All entities. If each type of data belonged to some (sub)class of data (e.g. HomeAddress is part of the PersonalData subclass which is part of the Profile class, BSAID would be part of the Profile class but not considered PersonalData, Rank would be part of the Advancement class, etc), and each class and/or subclass of data had variable permissions for access akin to the rwx system (although I’m not sure how in this context “r” and “x” would differ), you might theoretically have some people with read and write access to all of the Profile class, some with read access for all of the Profile class except for the PersonalData subclass,…
I would be curious to see what the developers are thinking about trying to do before it goes forward, just because I’d hope that, if there’s a lot of development effort being invested, there could be some user feedback on whether or not the effort will address the concern, or if a different (easier) structure might be adequate. On the other-other hand, I’m not paying the developers directly, so…