Home
Exported

TOLOGIX - Infrastructure LawGuide (ILG)

Harsh Parikh, Tech Lead at DevITMelissa Cowell, General Manager at IndustrialDevaang BhattMorgan Maguire, CEO at TologixHiren PatelMarysia RaptisPaul MoonIrit WeinfeldPrerak Shah, Executive Director & Jt CEO at DevITPatrick Harris, Web Designer at IndustrialPiyush Kanpariya, DevITRob Wiesenberg, ContegraRadomir Mladenovic, ContegraKetan Sondarva, Technical Project Manager at DevITStephanie Ducasse, Web Developer at Industrial +10 others
From the list: ILG Prototype

Problems with permissions for admin users

Morgan M. added this on
Completed by Morgan M.
Assigned to
Anil Vaghela Anil V. Ryan Knuth, Customer Support Manager at Industrial Ryan K.
Notes
Further to the video below, there are two problems with admin permissions:
  1. Admin users can be created without any permissions. Why would we ever create an admin user that can't do anything on the admin site?
  2. When an admin user's permissions are restricted, they can still view restricted aspects of the admin site. When permissions are revoked, those aspects of the site should be suppressed, and not visible to the admin user.

Comments & Events

Anil Vaghela Anil Vaghela
Hello Morgan Maguire, CEO Morgan ,

1. We have done some changes in user module so that user cannot be saved without a permission. At least one permission is required.  

2. Can you provide me a checklist for roles vs modules. E.g. which user role should have access to which module?
Notified 3 people
Morgan Maguire, CEO Morgan Maguire, CEO
Thanks Anil Vaghela Anil . The change in requiring at least one permission per user looks good. 

I'll provide more details roles vs. modules as I get more in-depth with the test this week.

Morgan 
Notified 3 people
Morgan Maguire, CEO
Morgan Maguire completed this to-do.