dotProject Tweak: Field-based Permissions

As one of the more vocal (aka annoying) members of the dotProject community, we often serve as a sounding board – and sometimes implementer – for various ideas, features, and bug fixes within dotProject. One of the requests that I've seen intermittently from dotProject Admins is “How do I hide specific fields from users?”

In the past, there was never a clear answer for this one. There are various sets of dotProject permissions that are relatively easy to implement once you understand the basics, but this is a completely different goal. In these circumstances, you have people who are allowed to see a project, allowed to work on a project, may even be allowed to add or remove stuff from a project, but are denied specific individual pieces of information such as a budget. To date, we've shied away from implementing this sort of functionality due to the complexity, dependencies on the UI, and the organization-specificness of it all.

Well, one group of our dotProject users has begun implementing field-based permissions for his organization. He began with the simple concept of only allowing individuals of certain permission levels to see the field. He promises more details as his development effort goes on, but his initial implementation works and should work relatively well for the rest of the (proposed) 2.x development.

Unfortunately, as we approach dotProject v3.0, this will have to change quite a bit. We're going to have to face this issue and all access control will have to be dealt with deeper inside the system so that every interface – for humans or computers – gets the same information based on the same permissions. And besides, when you begin to think along those lines, it gets even more interesting.

As an aside, this also gets into the interesting question of organizational permissions… The individuals doing the work may or may not know the budget for their aspects. Obviously, a project manager should know the budget for her project. The PM's manager will likely know the budget. The managers of different PMs are unlikely to know the budget. VPs are unlikely to know budgets outside of their division. Org-charts are hierarchical, but they also have branches. We'll all have to keep that aspect in mind.
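
To make the last two points concrete, here is a small PHP sketch added for illustration. It is not dotProject code and not the implementation mentioned above; every name, the org chart, and the project record are constructed. It assumes a restricted field is visible only to the project owner and the managers above the owner on the same branch, with everyone else (including people doing the work) denied by default.

```php
<?php
// Added illustration, not dotProject code. Names and data are constructed.

// Org chart as report => manager (constructed sample with two branches).
$managerOf = [
    'vp_eng'    => 'ceo',      'vp_sales' => 'ceo',
    'mgr_a'     => 'vp_eng',   'mgr_b'    => 'vp_eng',
    'pm_alice'  => 'mgr_a',    'pm_bob'   => 'mgr_b',
    'dev_carol' => 'pm_alice',
];

// Fields that need more than ordinary "may view this project" rights.
const RESTRICTED_FIELDS = ['budget'];

// True if $viewer is the owner or sits above the owner on the same branch.
function inManagementChain(string $viewer, string $owner, array $managerOf): bool
{
    $seen = [];
    for ($node = $owner; $node !== null; $node = $managerOf[$node] ?? null) {
        if ($node === $viewer) {
            return true;
        }
        if (isset($seen[$node])) {
            return false; // malformed (cyclic) chart: fail closed
        }
        $seen[$node] = true;
    }
    return false;
}

// Single choke point: every interface reads a project through this function.
function viewProject(array $project, string $viewer, array $managerOf): array
{
    if (inManagementChain($viewer, $project['owner'], $managerOf)) {
        return $project;
    }
    // Deny by default: the field is removed from the record itself,
    // not merely hidden in one template.
    return array_diff_key($project, array_flip(RESTRICTED_FIELDS));
}

$project = ['name' => 'Intranet rebuild', 'owner' => 'pm_alice', 'budget' => 50000];
foreach (['pm_alice', 'mgr_a', 'vp_eng', 'dev_carol', 'mgr_b', 'vp_sales'] as $viewer) {
    $visible = viewProject($project, $viewer, $managerOf);
    // The machine-facing (JSON) and human-facing (field list) views share one record.
    echo str_pad($viewer, 10), 'api=', json_encode($visible),
         ' ui_fields=', implode(',', array_keys($visible)), "\n";
}
```

Because the filtering happens before any rendering, a manager on a sibling branch or a VP in another division gets a record with no budget key in either view, while the owner's own chain up to the top still sees it.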