Do you think is better a permission-giving approach where by default you assign to new users the less powerful level existent or a permission-taking approach where by default you assign the highest level and then is up to the user to take away permissions?
In my specific case there is not access to very sensitive informations like billings and personal details of other people.
Thanks everybody, is exactly what I was thinking, but now I will have different flavours of the same argument to support it in the next meeting :)
Answer
One major advantage of adding permissions rather than removing them is that if you add new features, they are, by default, not permitted to anyone, and you have to make a conscious decision as to who needs this functionality. This can be used to give permissions to a few test users to start with, and then expand it.
It is also very important to give users what they need - and not more. If you give people a whole lot of stuff that they don't care about, it is junk, and will distract the user from doing their job. And people will not remove themselves from these - they will just ignore them, or try them out and do something odd.
The idea of permissions is not just to make sure that Minions cannot do Important things, but also so that those who need to just Get On And Do Their Job can do that. It is a positive thing to only give permissions as needed.
No comments:
Post a Comment