docs: clarify Curators and Admins can be maintainers for credited attribution
- Update Actors table: Curator and Admin entries mention maintainer assignment - Update Role Design Philosophy: same clarification - Update Curator section: note about PersonMaintainer as credit/attribution - Update Admin section: same note
This commit is contained in:
11
USE_CASES.md
11
USE_CASES.md
@@ -13,8 +13,8 @@
|
||||
| **Anonymous** | Unauthenticated visitor | Can only see `Public` content (per #93 visibility levels) |
|
||||
| **User** | Registered, authenticated account | Sees `Public` + `Protected` content |
|
||||
| **Maintainer** | Assigned to zero or more cosplayers | Two-dimensional role: **scoped** cosplayer management (CRUD on albums/assets/profiles for assigned cosplayers only) plus **unscoped** tag management (create/edit any tag, assign tags anywhere, conditional delete). Sees `Private` content for assigned cosplayers. Cannot create people or view stats |
|
||||
| **Curator** | Full content editor | Full CRUD on all people, albums, assets, tags. Can view stats. Cannot manage users/settings/folders/jobs |
|
||||
| **Admin** | System administrator | Everything Curator can do + user management, settings, folders, jobs |
|
||||
| **Curator** | Full content editor | Full CRUD on all people, albums, assets, tags. Can view stats. Cannot manage users/settings/folders/jobs. May also be assigned as a maintainer of specific cosplayers for credited attribution |
|
||||
| **Admin** | System administrator | Everything Curator can do + user management, settings, folders, jobs. May also be assigned as a maintainer of specific cosplayers for credited attribution |
|
||||
|
||||
---
|
||||
|
||||
@@ -27,8 +27,8 @@ The role hierarchy is **strictly cumulative** — each level inherits everything
|
||||
| **Anonymous** | Browse public content | Cannot see anything above `Public` visibility |
|
||||
| **User** | See `Protected` content, self-profile management | Cannot mutate any content |
|
||||
| **Maintainer** | Two capabilities: **(A)** cosplayer-scoped curator powers (albums, assets, profiles for assigned cosplayers), **(B)** global tag management (create, edit, assign, conditional delete) | Cannot create/delete people. Cosplayer management is gated by `PersonMaintainer` assignment. A Maintainer **may** have zero cosplayer assignments — in that case only tag management applies |
|
||||
| **Curator** | Unscoped content CRUD on people, albums, assets, tags; view stats | Cannot manage users, settings, folders, or jobs |
|
||||
| **Admin** | User management, maintainer assignment, settings, folders, jobs | No restrictions |
|
||||
| **Curator** | Unscoped content CRUD on people, albums, assets, tags; view stats | Cannot manage users, settings, folders, or jobs. May be assigned as a maintainer of specific cosplayers (credited attribution, not access gating) |
|
||||
| **Admin** | User management, maintainer assignment, settings, folders, jobs | No restrictions. May be assigned as a maintainer of specific cosplayers (credited attribution, not access gating) |
|
||||
|
||||
---
|
||||
|
||||
@@ -122,6 +122,7 @@ A Maintainer with no cosplayer assignments still retains full tag management cap
|
||||
### Curator (all User + Maintainer +)
|
||||
|
||||
Full content management — no assignment boundaries.
|
||||
Note: Curators **may** also be assigned as maintainers of specific cosplayers via the `PersonMaintainer` table, serving as **credited attribution** (specifically credited to work on assets from that cosplayer). This does not gate their access — they already have full CRUD on all content — but signals a direct contributor relationship.
|
||||
|
||||
| ID | Use Case | Endpoint |
|
||||
|----|----------|----------|
|
||||
@@ -151,6 +152,8 @@ Full content management — no assignment boundaries.
|
||||
|
||||
### Admin (all Curator +)
|
||||
|
||||
Admins **may** also be assigned as maintainers of specific cosplayers via the `PersonMaintainer` table, serving as **credited attribution** (specifically credited to work on assets from that cosplayer). Like Curators, this is a signalling mechanism rather than a gating one — Admins already have unrestricted access.
|
||||
|
||||
| ID | Use Case | Endpoint |
|
||||
|----|----------|----------|
|
||||
| UC-59 | List all users | `GET /api/user` |
|
||||
|
||||
Reference in New Issue
Block a user