Ticket #632 (closed enhancement: fixed)

Opened 2 years ago

Last modified 1 year ago

Rights for new user

Reported by: a.mittelstaedt@web.de Assigned to: dufuz
Priority: normal Milestone: 0.8.0
Component: Core / Access Control Version: SVN
Severity: minor Keywords:
Cc:

Description

Hello
I added a new user and saw, that he got all rights. I think it should the way round. If I add a new user he should have no/basic rights! Like in Linux/Unix.
Now I have to go through all gadgets in the ACL-List and remove all the checkmarks instead of just adding them, where needed.

Firefox 1.5.0.7
Apache 2.0.55
MySQL 5.0.19
Jaws Rev.4325

Attachments

Change History

12/07/06 19:47:05 changed by dufuz

  • owner changed from jawsbugs@jaws.com.mx to dufuz.
  • status changed from new to assigned.
  • milestone set to 0.8.0.

Finally someone that thinks like me ;-) I'll try to get this in for 0.8, we'll see what other developers think.

01/13/07 03:22:27 changed by afz

i, agree with this subject that the new user must not have full rights, but have different idea for solve this.
IMO, we must have some groups with default rights, that not deletable, such as Administrators, Guests. so when a new user created it must be member of Guests, and the user ACL's are empty for first time.

01/13/07 03:24:54 changed by afz

default groups not deletable, but there's ACL's can be change, except Administrators for ex.

04/09/07 19:42:19 changed by dufuz

Just a status update, now users are created with 0 permissions, still haven't created the default group that users will be added to, won't be a problem to do, admins don't need groups since they have a special right level, anything else is really just up 2 the site admin.

I'm going to make that default group both deletable and allow people to rename it and in the admin section we'll allow people to pick what group is the default one if any, flexible and should work fine.

04/21/07 17:22:50 changed by pablo

Wouldn't be better if we just 'drop' the 'true' value in the Info.php file? that way automatically all ACL will be added to the DB as 'false'.

Currently we have this: 

 $acls = array(
            'default'          => 'true',
            'AddFriend'        => 'true',
            'EditFriend'       => 'true',
            'DeleteFriend'     => 'true',
            'UpdateProperties' => 'true',
        );

IMHO, would be better to just have: 

 $acls = array(
            'default'          
            'AddFriend'        
            'EditFriend'       
            'DeleteFriend'     
            'UpdateProperties' 
        );

Which could be the same as: 

 $acls = array(
            'default'          => 'false',
            'AddFriend'        => 'false',
            'EditFriend'       => 'false',
            'DeleteFriend'     => 'false',
            'UpdateProperties' => 'false',
        );

04/22/07 00:34:11 changed by dufuz

yeah go ahead and do it, me likes ;)

Tho I think all our gadgets use flase by default now (via the key part tho), we should change so that people have to pass a boolean, that way if we get string as the value then we know it's suppose to be false by default.

04/27/07 16:54:04 changed by pablo

Ok, I've commited the last changes which are:

  • Current gadgets don't include the 'false/true' value.
  • JawsGadgetInfo? checks if the ACLs that are declared via the PopulateACLs method have a value, if they don't have a value false is used.

With these changes I think this ticket can be closed.

04/27/07 19:50:58 changed by dufuz

No don't just yet, we haven't added the default group thing :-)

Just thinking along the lines that the group would be called "users" and has no permissions and when adding users this group is auto choosen (if id 1 exists then pick it in the dropdown menu, else pick the empty value in the select) ... That should be enough to fullfil this request :)

08/16/07 21:22:38 changed by pablo

Ok, I've commited the following changes to the SVN:

  • When installGadget is called, create a new 'users' group
  • Add an extra field to the groups table for knowing if a group can be removed (aka, those groups created in the install process).

Please make your tests and if it works Ok close this ticket :-)

08/27/07 17:46:50 changed by pablo

Ali, can you help me testing this ticket so we can close it? ;-)

08/30/07 18:24:10 changed by afz

  • status changed from assigned to closed.
  • resolution set to fixed.

Add/Change #632 (Rights for new user)




Change Properties
Action