In beste.schule, permissions are granted based on the role of the logged-in user. There are no separate OAuth scopes.
Below is an overview of the routes available to each role. Permissions are cumulative: a teacher can also access the routes available to parents and students.
MOD (Administrator)
CRUD permission for:
- Groups (Create, Update, Delete) + batch, sync, manage students/subjects, restore
- Importers + ImporterStundenplan24 (Full CRUD) + load, logs
- Intervals (Create, Update, Delete) + restore
- Levels (Create, Update, Delete)
- Guardians (Full CRUD) + batch, token-management, restore
- Students (Create, Update, Delete) + batch, token-management, intervals, guardians, restore
- Subjects (Create, Update, Delete) + batch, restore
- Substitution-Plans (Full CRUD)
- Teachers (Create, Update, Delete) + batch, token-management, restore
- Time-Tables (Full CRUD)
- Time-Table-Times & Time-Table-Time-Lessons (Create, Update, Delete)
- Users (Full CRUD) + 2FA, password, resend-mail
- Years (Full CRUD) + restore
Types (Create, Update, Delete):
- Absence, Announcement, Checklist, Journal-Notes, Notes, Tags
Special routes:
- School: Update, add/remove users
- Schools: Index, Create
- Histories: showSchool
- Compute: intervalTypes, timeTypes
MANAGEMENT
Permission for:
- Journal Days: Create/Update, Delete (by date)
- Journal Weeks: Create/Update, Delete (by week number)
TEACHER (Teacher)
CRUD permission for:
- Absences/Verifications (Create, Read, Update, Delete)
- Absence-Batches (Create, Update, Delete)
- Announcements (Create, Update, Delete)
- Checklists (Create, Update, Delete)
- Collections (Create, Update, Delete) + restore
- Favorites (Full CRUD)
- Finalgrades (Create, Update, Delete)
- Grades (Create, Update, Delete) + restore
- Certificate-Grades (Full CRUD) + restore
- Final-Certificates (Full CRUD) + batch, restore
- Journal-Lessons, notes, lesson-student, day-student (Create, Update, Delete)
- Notes (Create, Update, Delete)
- Reports (Full CRUD) + result, previewReport
- Seating-Plans (Create, Update, Delete)
Read-only permission for:
- Levels (Index)
- Rooms (Index, Show)
- Teachers (Index, Show)
- Time-Table-Times & Time-Table-Time-Lessons (Index, Show)
Update-only permission for:
- Groups (Update) + subjects order, restore
- Students (Update) + intervals, subjects calculation
- Subjects (Update)
Types (Read-Only):
- Announcement, Checklist, Journal-Notes, Notes, Tags
- Compute: reportTypes, timeNames
GUARDIAN (Legal guardian)
Permission for:
- Absences (Create, Update, Delete) - unverified only
- Absence-Types (Read)
STUDENT (Student)
Read-only permission for:
- Absences (Index, Show)
- Absence-Batches (Index, Show)
- Announcements (Index, Show) + markRead
- Checklists (Index, Show)
- Collections (Index, Show)
- Finalgrades (Index, Show)
- Grades (Index, Show)
- Groups (Index, Show)
- Intervals (Index)
- Guardians (Index, Show)
- Journal: weeks, days, lessons, lesson-student, day-student (Index, Show)
- Notes (Index, Show)
- Seating-Plans (Index, Show)
- Students (Index, Show)
- Subjects (Index)
- Time-Tables (Index, Show) + showCurrent
- Users (Full CRUD for own account)
- Years (Index)
Special routes:
- School: Show, getLogo
- Substitution-Plans: days (Index, Show), lessons (Index)
- User-Management: me, token, password, 2FA, firebase-device, auth-provider, resend-mail, changeSchool, logout, extend-session
- Years: setCurrent
- Notifications: Index, markRead, executeAction
- Students: removeUser
- Status: Index
Full access to own account:
- User (Full CRUD) + extended account functions