Bug #647
closedDo not let non-admin users create a new Group
100%
Description
I installed the stable release of myamiweb yesterday (6/10/10). When I try to create a new group, I don't have an option for assigning privileges to the new group. To set them, I had to edit manually in the db.
Files
Updated by Amber Herold over 14 years ago
- File groups.png groups.png added
Can anyone reproduce this? It works correctly on fly. Perhaps has something to do with the DB upgrade. Scott, when you say you don't have an option for setting the privilege, do you mean that the privilege drop box is not there?
Updated by Scott Stagg over 14 years ago
Whoops. This was user error on my part. I was logged in as someone who could "View all but administrate owned". When I login as someone with "At all administration level", a pull down appears that allows me to change permissions. What is weird to me is that someone who is not an administrator can create a group. This seems like an error to me.
Updated by Eric Hou over 14 years ago
- Status changed from New to Assigned
- Assignee set to Eric Hou
Hey Scott!
I noticed you don't have a group call 'users' in your database. If you turn on the login system for myamiweb, this 'users' group is the default group for new user to sign up for an account.
Please create a new group call 'users' (the name matter) and assign the privilege to "Administrate/view only owned project and view shared experiment".
Thanks.
Eric
Updated by Eric Hou over 14 years ago
- Target version set to Appion/Leginon 2.0.0
Updated by Scott Stagg over 14 years ago
Hi Eric,
I do have Users in my db after upgrading to "login" mode. I think the problem is what I say above.
someone who is not an administrator can create a group. This seems like an error to me
Updated by Amber Herold over 14 years ago
- Subject changed from Can't assign privileges in new group to Do not let non-admin users create a new Group
- Category set to Web interface
- Target version changed from Appion/Leginon 2.0.0 to Appion/Leginon 2.1.0
Scott, very good point about creating a group as a non-admin. I'll leave this as a bug to be fixed for 2.1.
Updated by Anchi Cheng over 14 years ago
- Status changed from Assigned to In Code Review
Fixed the power user group creation bug in r14339 in trunk.
Updated by Anchi Cheng over 14 years ago
- % Done changed from 0 to 100
Eric,
Doesn't config.php have default user assignment?
// --- defaut user group -- //
define('GP_USER', 'users');
Upgrades don't get the four default group in case of duplicates. All groups other than the one administrator is in are set with equivalent of user privileges but no rename.
Updated by Eric Hou over 14 years ago
No.
The "users" group is only need to use if system allowing login function.
So if people doing upgrade but not able the login function, they don't need 'users' group.
But if people doing upgrade but able the login function, they need 'users' group. Otherwise they need to manually go to config file to set the default group.
// --- defaut user group -- //
define('GP_USER', 'users');
Thanks.
Updated by Anchi Cheng over 14 years ago
added more of the same type of restricted functions for different groups in trunk r14344
Updated by Eric Hou over 14 years ago
- Status changed from In Code Review to In Test
- Assignee changed from Eric Hou to Amber Herold
- Affected Version set to Appion/Leginon 2.0.1
- Show in known bugs set to No
code are ok.
Updated by Amber Herold over 14 years ago
- Assignee changed from Amber Herold to Anchi Cheng
Anchi, how should I test this? Do a new installation and look for what?
Updated by Anchi Cheng over 14 years ago
- Assignee changed from Anchi Cheng to Amber Herold
Testing:
1. login as a user in poweruser group (view all but edit own privilege).
2. go to addgroup.php
you should get denied access.
3. go to admin.php
you should not see icon linked to addgroup.php
4. go to user.php
you should see users but not being able to edit them.
Updated by Amber Herold about 14 years ago
- Status changed from In Test to Closed