Opened 7 years ago
Closed 6 years ago
#44415 closed feature request (maybelater)
Create a new user role for DPOs
| Reported by: |
|
Owned by: | |
|---|---|---|---|
| Milestone: | Priority: | normal | |
| Severity: | normal | Version: | 4.9.6 |
| Component: | Privacy | Keywords: | feature-plugin |
| Focuses: | Cc: |
Description
We had a chat during the Contribution Day in WCEU2018 and there was an idea to have a new role implemented just for Data Protection Officers ( DPO ).
The points of this were that:
- only the DPO would have access to edit the policy page
- only the DPO would have access to the privacy tools
- there's no need for other user levels to have access to it (it was mentioned that not even the admin should have access, but I think we where over this part :)).
- the DPO doesn't need to be an 'administrator/editor or any other role' so he wouldn't have access to anything else other than the privacy tools as well.
--
My only valid counter thinking at that time was that there isn't always a DPO needed of course so it wouldn't be nice to force anyone to have 2 different users to tackle a simple thing as creating a policy page. So even though I do see the points above valid I think they would eventually be counter productive and might make more harm than good let's say.
Just bringing this here for more input and see if it is worth thinking up something that would benefit both sides, for example just an extra DPO role if anybody wants to give access only to the privacy tools that we added (the administrator would still of course have access to everything).
Change History (5)
#2
@
6 years ago
- Keywords 2nd-opinion added
I'm inclined to say this is plugin material. New roles have not been introduced in WordPress in a really long time and there are reasons why new primitive capabilities in Core are impossible to introduce properly with the existence of custom roles in the wild (see 45423#comment:10).
#3
@
6 years ago
I'd love to get Stefan Kremer's opinion on this, as a DPO, about what would serve his day to day needs more effectively: a user role or a suite of tools within a plugin. Let's hold this thought.
#4
@
6 years ago
- Keywords feature-plugin added; 2nd-opinion removed
- Milestone Awaiting Review deleted
- Version set to 4.9.6
I tent to agree with @desrosj here on this should be introduced as a plugin and if viable go through the Feature Plugin workflow for inclusion to core. As such I labelled it and unmilestoned the ticket.
@idea15 I would love to hear more from a real DPO their insight would be very helpful. Happy to go through their thoughts in a future meeting, I'm sure loads of ideas can be scraped from them.
I like this idea, if done with new capabilities and a new role then those capabilities should be enabled for admin as well in the case there's no one with the DPO role.