Merge pull request #4643 from opensafely-core/role-descriptions

Update global and project roles descriptions

jobserver/authorization/roles.py

@@ -21,19 +21,11 @@
 
 
 class CoreDeveloper:
-    """
-    Bennett staff member with administrator access to Job Server.
-
-    Note the name is misleading here as this does not imply what we generally mean by
-    "core developer". We plan to rename this role as part of a more general permissions
-    revamp.
-    """
-
-    display_name = "Core Developer"
-    description = (
-        "Bennett staff member with administrator access to Job Server. "
-        "(Not necessarily a developer – this role will be renamed eventually.)"
-    )
+    display_name = "Staff Area Administrator"
+    description = """Access the Staff Area.
+    View and edit applications, backends, organisations, project, repos, users, and workspaces.
+    View dashboards.
+    See Staff Area Administrator Log for the list of individuals who are approved for this role."""
     models = [
         "jobserver.models.user.User",
     ]
@@ -46,10 +38,8 @@ class CoreDeveloper:
 
 
 class InteractiveReporter:
-    """Use the interactive UI"""
-
     display_name = "Interactive Reporter"
-    description = ""
+    description = """View analysis requests and reports for projects that used OpenSAFELY Interactive."""
     models = [
         "jobserver.models.project_membership.ProjectMembership",
         "jobserver.models.user.User",
@@ -61,12 +51,9 @@ class InteractiveReporter:
 
 
 class OutputChecker:
-    """
-    Review output folders that have been proposed for release.
-    """
-
     display_name = "Output Checker"
-    description = ""
+    description = """View, upload, and delete any outputs that have been released to Job Server.
+    View unreleased files on the Level 4 Server."""
     models = [
         "jobserver.models.user.User",
     ]
@@ -79,13 +66,8 @@ class OutputChecker:
 
 
 class OutputPublisher:
-    """
-    Release approved-only outputs to a public location based on the work of the
-    output checkers and/or an OpenSAFELY Reviewer.
-    """
-
     display_name = "Output Publisher"
-    description = ""
+    description = """Publish released outputs (i.e make visible to the public) as a result of a request by a Project Developer."""
     models = [
         "jobserver.models.user.User",
     ]
@@ -95,12 +77,8 @@ class OutputPublisher:
 
 
 class ProjectCollaborator:
-    """
-    TODO: Define this role.
-    """
-
     display_name = "Project Collaborator"
-    description = "View unpublished outputs released from Level 4 to the Jobs site."
+    description = """View outputs that have been released to Job Server."""
     models = [
         "jobserver.models.project_membership.ProjectMembership",
         "jobserver.models.user.User",
@@ -111,14 +89,12 @@ class ProjectCollaborator:
 
 
 class ProjectDeveloper:
-    """
-    An external user who is developing and executing code to analyse data in
-    OpenSAFELY; they will likely want to review (and flag for release) their
-    own outputs.
-    """
-
     display_name = "Project Developer"
-    description = "Run and cancel Jobs, and manage workspaces."
+    description = """Run and cancel jobs.
+    Edit project status and description.
+    Create and manage workspaces.
+    View unreleased outputs on Level 4 and request their release.
+    Request that released outputs are published."""
     models = [
         "jobserver.models.project_membership.ProjectMembership",
     ]
@@ -135,10 +111,8 @@ class ProjectDeveloper:
 
 
 class SignOffRepoWithOutputs:
-    """Internally sign off repos with outputs hosted on GitHub"""
-
     display_name = "Sign Off Repos with Outputs"
-    description = "Internally sign off repos with outputs hosted on GitHub"
+    description = """Internally sign off repos with outputs hosted on GitHub."""
     models = [
         "jobserver.models.user.User",
     ]
@@ -148,15 +122,8 @@ class SignOffRepoWithOutputs:
 
 
 class DeploymentAdministrator:
-    """
-    Run and cancel Jobs on any project, for development and maintenance purposes
-    including technical support for Approved Projects.
-    See Developer Permissions Log for the list of individuals who are approved for this role.
-    """
-
     display_name = "Deployment Administrator"
-    description = """
-    Run and cancel Jobs on any project, for development and maintenance purposes including technical support for Approved Projects.
+    description = """Run and cancel jobs on any project, for development and maintenance purposes, including technical support for Approved Projects.
     See Developer Permissions Log for the list of individuals who are approved for this role.
     """
     models = [

templates/staff/project/membership_edit.html

@@ -2,7 +2,7 @@
 
 {% load roles %}
 
-{% block metatitle %}Edit member: {{ membership.user.name }} — {{ membership.project.title }} | OpenSAFELY Jobs{% endblock metatitle %}
+{% block metatitle %}Edit project roles: {{ membership.user.name }} | {{ membership.project.title }} | OpenSAFELY Jobs{% endblock metatitle %}
 
 {% block breadcrumbs %}
   {% #breadcrumbs %}
@@ -11,21 +11,21 @@
     {% breadcrumb title="Staff area" url=staff_url %}
     {% breadcrumb title="Projects" url=staff_project_list_url %}
     {% breadcrumb title=membership.project.title url=membership.project.get_staff_url %}
-    {% breadcrumb title="Edit member: "|add:membership.user.name active=True %}
+    {% breadcrumb title="Edit project roles: "|add:membership.user.name active=True %}
   {% /breadcrumbs %}
 {% endblock breadcrumbs %}
 
 {% block jumbotron %}
-<div class="jumbotron jumbotron-fluid jumbotron--danger pt-md-2">
-  <div class="container">
-    <h1 class="display-4">{{ membership.user.name }}</h1>
-    <p class="lead"><span class="sr-only">Username: </span>{{ membership.user.username }}</p>
+  <div class="jumbotron jumbotron-fluid jumbotron--danger pt-md-2">
+    <div class="container">
+      <h1 class="display-4">{{ membership.user.name }}</h1>
+      <p class="lead"><span class="sr-only">Username: </span>{{ membership.user.username }}</p>
+    </div>
   </div>
-</div>
 {% endblock jumbotron %}
 
 {% block hero %}
-  {% #staff_hero title="Edit member: "|add:membership.user.name %}
+  {% #staff_hero title="Edit project roles: "|add:membership.user.name %}
     {% if membership.user.social_auth.exists %}
       <p><strong>GitHub Username:</strong> {{ membership.user.username }}</p>
     {% endif %}
@@ -34,12 +34,11 @@ <h1 class="display-4">{{ membership.user.name }}</h1>
 {% endblock hero %}
 
 {% block content %}
-  <div class="flex flex-col gap-8">
-
-    {% #card class="max-w-3xl" container=True %}
-      <form method="POST" class="flex flex-col items-stretch gap-y-6">
-        {% csrf_token %}
+  <div class="flex flex-col gap-y-6 max-w-3xl">
+    <form method="POST">
+      {% csrf_token %}
 
+      {% #card title="Assign project roles" subtitle="Assign roles for "|add:membership.user.name|add:" on project "|add:membership.project.title container=True %}
         {% if form.non_field_errors %}
           {% for error in form.non_field_errors %}
             {% #alert variant="danger" class="mb-6" %}
@@ -48,30 +47,41 @@ <h1 class="display-4">{{ membership.user.name }}</h1>
           {% endfor %}
         {% endif %}
 
-        {% #form_fieldset %}
-          {% form_legend text="Select project roles to assign to "|add:membership.user.name %}
-          {% for value, label in form.roles.field.choices %}
-            {% with id=forloop.counter0|stringformat:"s" %}
-              {% if value in form.roles.value %}
-                {% var checked=True %}
-              {% else %}
-                {% var checked=False %}
-              {% endif %}
-
-              {% fragment as form_label %}
-                <span class="block font-bold text-base">{{ label }}</span>
-                <span class="block text-sm">{{ value|role_description|linebreaksbr }}</span>
-              {% endfragment %}
-              {% form_checkbox custom_field=True name="roles" id="id_roles_"|add:id|slugify label=form_label value=value checked=checked %}
-            {% endwith %}
-          {% endfor %}
-        {% /form_fieldset %}
-
-        {% #button variant="success" type="submit" class="self-start" %}
-          Update member
+        <div class="flex flex-col items-stretch gap-y-6 w-full max-w-3xl mb-6">
+          {% #form_fieldset %}
+            {% if form.roles.errors %}
+              {% for error in form.roles.errors %}
+                {% #alert variant="danger" class="mb-6" %}
+                  {{ error }}
+                {% /alert %}
+              {% endfor %}
+            {% endif %}
+
+            {% form_legend text="Assign roles site-wide" class="sr-only" %}
+
+            {% for value, label in form.roles.field.choices %}
+              {% with id=forloop.counter0|stringformat:"s" %}
+                {% if value in form.roles.value %}
+                  {% var checked=True %}
+                {% else %}
+                  {% var checked=False %}
+                {% endif %}
+
+                {% fragment as form_label %}
+                  <span class="block font-bold text-base">{{ label }}</span>
+                  <span class="block text-sm">{{ value|role_description|linebreaksbr }}</span>
+                {% endfragment %}
+                {% form_checkbox custom_field=True name="roles" id="id_roles_"|add:id|slugify label=form_label value=value checked=checked %}
+              {% endwith %}
+            {% endfor %}
+          {% /form_fieldset %}
+        </div>
+
+        {% #button variant="success" type="submit" %}
+          Update project roles
         {% /button %}
-      </form>
-    {% /card %}
+      {% /card %}
+    </form>
 
     {% #card class="max-w-3xl" container=True %}
       <form
@@ -94,5 +104,5 @@ <h1 class="display-4">{{ membership.user.name }}</h1>
         {% /form_fieldset %}
       </form>
     {% /card %}
-
+  </div>
 {% endblock %}