Project

General

Profile

Actions

Feature #1053

closed

make it possible to ban a user from myamiweb without deleting the user

Added by Anchi Cheng about 14 years ago. Updated about 14 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Eric Hou
Category:
Web interface
Target version:
Start date:
11/22/2010
Due date:
% Done:

0%

Estimated time:

Description

This will use privilege level 0 which we have not utilized so far. The idea is to create in project.privileges table a row where all privileges are 0 and a group that uses the privilege row so that we can assign the forbidden user there.

This way the database won't lose reference to the user for what he/she has done previously


Related issues 1 (0 open1 closed)

Related to Appion - Feature #1059: create a new default privilege level (No Privilege)ClosedAnchi Cheng11/29/2010

Actions
Actions #1

Updated by Anchi Cheng about 14 years ago

  • Tracker changed from Bug to Feature
  • Category set to Web interface
  • Status changed from Assigned to In Code Review
  • Assignee changed from Anchi Cheng to Eric Hou

r15060 just cleans up myamiweb/inc/login.inc and remove redundant logic.
r15061 is the real implementation. privilege of data is checked before redirect or processing login_header to view. Also added the same for checkExptAccessPrivilege function in case the person knows how to get to a particular image although it probably is not necessary.

testing:
1. create in project.privileges table a privilege group that has value 0 for all types.
2. create a goup that uses the privilege group.
3. assign a user to that group.
4. try to log in as that user. It should just bounce back to login.php and never logged in.
5. if there are other pages opened in the same browser from previous login, try to refresh it or click on a link. It should bounce to the login.php as well.

Actions #2

Updated by Eric Hou about 14 years ago

  • Status changed from In Code Review to Closed

created an new privilege level call "No Privilege" and a new group call "Disables". Tested it with my own account and it works.

Thanks.

Eric

Actions

Also available in: Atom PDF