Temporarily Grant Administrator Permission

Question

Can a person with a consultant role who has obtained an administrator role temporarily by holding on shift key and by clicking on Project menu, be able to change the role of a member in a project. For example will that consultant be able to change the existing Administrator to an Observer role to that project?

Answer 1

Yes, an administrator (even a temporary administrator) can change the role of anyone else on the project. The only things that a temporary administrator cannot do is change their own role, or give themselves rights to edit the text.

Comments

Don’t you think this must not happen? As any consultant can them-self become an administrator temporarily and change the role of the main administrator who created the project for translation and make another observer to be an administrator, and then ask that observer who became the administrator to make the temporarily administrator to be an administrator. Why is this temporarily administrator feature available then??

---

Certainly with any good feature someone could use it improperly. This is not a feature to be used lightly. It is in place for emergency situations and times when a consultant needs to help with settings. Certainly with any good feature someone could use it improperly. Any existing project administrator could change the role of another administrator so it is important to trust those you are working with not to do things they should not do.

If an administrator were concerned about this possibility then they could choose not to make anyone on the project a consultant. A consultant is like a translator with no assigned books.

---

Thanks for your reply.
The main reason I need a temporary administrative permission is to only do some task in the “Assignment and Progress” category under Projects Menu, where the “setup required” function comes up in the status column to resolve issues. The “Progress” permission in the Other permission in User roles and permission is very helpful, but it does not allow the user to click on setup required function. Basically what I felt will be a good idea is that, the hidden functionality for giving a consultant an administrative permission is a good option, provided he/she is not able to have the administrative permissions inside Users Roles and Permissions window.

Answer 2

Perhaps it is time to create a new role: Reviewer — Able to create and respond to notes. Only note files are Sent. Cannot change text or any other settings, even inadvertently.
This would be very useful for sharing the text more widely for review.

Comments

Yes good idea. A person who is just reviewing don’t need to have get temporary administrator permission.

---

I think this raises a fairly serious security problem in PT. Thankfully almost no one knows of this “temporary administrator” feature and so there hasn’t been much or any abuse of the flaw.

The order of Roles…
       Administrator
       Translator
       Consultant/Reviewer/Archivist/Typesetter
       Observer
… implies that Reviewers have fewer permissions than Translators, and the text under the role states that the only permission they have which Observers don’t have is to write notes. It was a bit disconcerting today to realize that anyone with that role could take over as administrator.

So I think breaking Reviewer and Consultant into separate roles is extremely, extremely important. Even if it causes temporary headaches because everyone has to go back and reassign team members.

Answer 3

Thanks for the input @anon212107 @anon848905 @mnjames I would like to make a request to split Consultant/Reviewer/Archivist/Typesetter into two. However I woudl like to get more input how to do that. What the new roles be called, and what privileges would they have?. My initial thoughts are:

• Consultant/Archivist: current privileges
• Reviewer/Typesetter: create, resolve and respond to Notes

Your thoughts?

Comments

@CrazyRocky this is one of those interesting discussions where if you ask 10 people you get 11 answers. For me one issue is that we are mixing titles and functions. For example, as a typesetter I usually want the function of an Administrator because I (me personally) need to be able to make changes to settings and adjust text. I realize that not all typesetters do that.

I definitely think that the role of Reviewer should be separated and given a lesser function (as you have defined).

Having said that, I would prefer to just use the titles: “Consultant” and “Reviewer” with the definitions that you created. Someone who is a typesetter could be given whichever role the team and typesetter deem correct for that situation.

So, in the end we end up with five titles/functions:
Administrator - add notes, edit text, change settings
Translator - add notes and edit text
Consultant - add notes and have ability to act as a temporary administrator
Reviewer - add notes
Observer - only receive changes to the text

In any given context the Archivist or Typesetter can be given the appropriate function for that context (reviewer, consultant, or administrator)

---

Archivist needs metadata editing privileges, in particular

• Editing in the Registry,
• Creating and editing Canons

I am not sure what allows them to create a DBL Bundle. It would be interesting to know what files will be S/Red if they are added by any one of the roles above. Obviously an Observer can only receive files. But what about the other 4 roles? I would suggest that the Review role would limit S/R to only the Notes file in the project with their Username attached.