Uploaded image for project: 'Nuxeo Platform'
  1. Nuxeo Platform
  2. NXP-30002

Retention Governance/"compliance light" mode - Allow for granted users to delete content under retention or legal hold

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Major
    • Resolution: Duplicate
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: Retention

      Description

      User story

      • As a platform administrator, I want to configure if a granted user can delete a document under retention and/or legal hold.
      • As a user with a specific permission and ONLY in case of the retention addon is configured to allow it, I can delete a document under retention or under legal hold, so that I can delete content in case of mistake (wrong retention period) or in case of legal changed with retroactive application.

      Description

      The goal is to maintain a high level of security by using retention features but with a more flexible mode than the Compliance mode as power users can delete a record under retention or legal hold.

      This improvement requires to configure the addon in a specific mode: "Governance" mode and to implement a specific atomic permission: RemoveRecords

      Acceptance criteria

      When the retention addon is configured in Governance mode:

      • As a user with ManageRecord permission, I can NOT delete a document under retention or legal hold
      • As a user with write permission but without ManageRecord permission, I can NOT delete a document under retention or legal hold
      • As a user with RemoveRecords permission, I can┬ádelete a document under retention or legal hold (with confirmation about "record" deletion, UX feedback, this might actually happen by default, but confirm with Carolina Gouveia)
      • As an administrator, I can delete a document under retention or legal hold

      When the retention addon is NOT configured in Governance mode:

      • As a user with ManageRecord permission, I can NOT delete a document under retention or legal hold
      • As a user with write permission but without ManageRecord permission, I can NOT delete a document under retention or legal hold
      • As a user with RemoveRecords permission, I can NOT delete a document under retention or legal hold
      • As an administrator, I can NOT delete a document under retention or legal hold

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: