(Title was Staff profiles, ldap users & asset permissions)
Are there any clever matrix tricks that would allow us to grant individual staff LDAP accounts edit access to an individual asset within a folder of staff profiles in a Matrix system?
I'm looking for advice again on how others may have or would look to tackle a scenario.
We have an existing staff profile system written as a bespoke web application. It does what we wanted, but as time advances we want to make changes, and the question that's arisen is what can we do with Matrix.
Access to our Matrix installs is governed by an LDAP bridge pointing to a staff group in our LDAP server. What we have been doing is creating a group for each new site in our Matrix install, linking in individual LDAP users and giving the group admin or write permissions to the site.
For staff profiles however, we'd be looking to setup permissions so that department administrators might have access to the profiles for staff in their department, while individual staff would only have access to their own staff profile. Doing so by setting the permissions manually for 500+ staff is not something I'd look forward to.
Has anyone had a go at setting a system in Matrix for several hundred users where each user has edit access to a single asset?
Bump. I've tried to rewrite and rephrase the question, just in case someone has ideas that could be pursued?
I've been advised by Squiz staff for a similar scenario that I was better off setting each individual asset to the specific ldap account. This is for 300+ staff. I was told there were other options, but they were expensive and time consuming so I was better off sticking to the manual method.