From 3fa0df15644d6803893f99659290cebcc457a6ce Mon Sep 17 00:00:00 2001 From: Tara Date: Mon, 25 Mar 2024 17:22:09 -0500 Subject: [PATCH] Revert "docs: add EditorRestricted role release note (#9007)" (#9046) This reverts commit bc1b431734f396066330508fe6250546c6304dfe. --- docs/manage/security/rbac.rst | 6 ----- docs/release-notes/editor-restricted-role.rst | 22 ------------------- 2 files changed, 28 deletions(-) delete mode 100644 docs/release-notes/editor-restricted-role.rst diff --git a/docs/manage/security/rbac.rst b/docs/manage/security/rbac.rst index 5b7443b1e0a..12cd6394dba 100644 --- a/docs/manage/security/rbac.rst +++ b/docs/manage/security/rbac.rst @@ -475,12 +475,6 @@ edit, or delete projects and experiments within its scope. The ``Editor`` role supersedes the ``EditorRestricted`` role and includes permissions to create or update NTSC tasks within its scope. -- ``EditorRestricted`` users can still open and use scoped JupyterLab notebooks and perform all - experiment-related jobs, just like those with the ``Editor`` role. The only additional - permissions granted by the ``Editor`` role include the ability to create notebooks, TensorBoards, - shells, and commands (NTSC tasks), as well as the permission to update these tasks, such as - changing the task's priority or deleting it. - ``WorkspaceAdmin`` ================== diff --git a/docs/release-notes/editor-restricted-role.rst b/docs/release-notes/editor-restricted-role.rst deleted file mode 100644 index bb507ce6ca5..00000000000 --- a/docs/release-notes/editor-restricted-role.rst +++ /dev/null @@ -1,22 +0,0 @@ -:orphan: - -**New Features** - -- RBAC: Add a pre-canned role called ``EditorRestricted`` which supersedes the ``Viewer`` role and - precedes the ``Editor`` role. - - - Like the ``Editor`` role, the ``EditorRestricted`` role grants the permissions to create, - edit, or delete projects and experiments within its designated scope. However, the - ``EditorRestricted`` role lacks the permissions to create or update NTSC-type workloads. - - Therefore, a user with ``EditorRestricted`` privileges in a given scope is limited when using - the WebUI within that scope since the option to launch JupyterLab notebooks and kill running - tasks will be unavailable. The user will also be unable to run CLI commands that create scoped - notebooks, TensorBoards, shells, and commands and will be unable to perform updates on these - tasks (such as changing the task's priority or deleting it). ``EditorRestricted`` users can - still open and use scoped JupyterLab notebooks and perform all experiment-related jobs, just - like those with the ``Editor`` role. - - - The ``EditorRestricted`` role allows workspace and cluster editors and admins to have more - fine-grained control over GPU resources. Thus, users with this role lack the ability to launch - or modify tasks that indefinitely consume slot-requesting resources within a given scope.