Admin interface: admin cannot edit scripts, if he is not in "allowed users" for this script #342
Comments
|
@bugy this "bug" is actually a feature, I'm leveraging it to separate the admin permissions of admins from different teams which shouldn't manage and access each other scripts. it was completely awesome if this feature was effecting also the script audit screen, which will allow admins to see audits items only of Scripts they are in the "allowed users". Anyway please don't fix this bug which will actually kill a great feature |
|
Hey, actually the edit was always available. It was not shown in the list.
I.e. any admin could open and edit any script, by changing the URL
Alonel <[email protected]> schrieb am Sa., 10. Okt. 2020, 00:12:
… @bugy <https://github.com/bugy> this "bug" is actually a feature, I'm
leveraging it to separate the admin permissions of admins from different
teams which shouldn't manage and access each other scripts. it was
completely awesome if this feature was effecting also the script audit
screen, which will allow admins to see audits items only of Scripts they
are in the "allowed users".
Anyway please don't fix this bug which will actually kill a great feature
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#342 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAJXPJLB7UEU4QNU3NRLZXDSJ6DEJANCNFSM4RSFRECA>
.
|
|
You right, but most of the people don't try to hack the system, in most of the cases it's enough they just don't see it visible in their list. if it's possible to actually prevent them to edit even if they changing the URL manually to point the script that will be even more awesome! and if they won't able to see it in the script audit screen that will be a completely killer feature. that way you can have many levels of admin. |
|
Maybe introducing another role like global admin or just script editor permission? :P |
|
Yes another role will also make sense. Maybe script admin? Script admin should include the following:
At the end not all admins should have the ability to see and manage all scripts. What do you think? |
|
I'll add "admin_users" field for each script.
If it's specified, then only admins from the list would be able to see and
edit the configuration
Alonel <[email protected]> schrieb am Do., 15. Okt. 2020, 06:46:
… Yes another role will also make sense. Maybe script admin? Script admin
should include the following:
1. View and edit permissions for the script.
2. View script audit
At the end not all admins should have the ability to see and manage all
scripts.
What do you think?
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#342 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAJXPJK6CMQBZBD7Q5IWS7DSKZ5C3ANCNFSM4RSFRECA>
.
|
Is that really any different than current implementation at first place? |
|
What do you mean?
At the moment, for some *specific script* you can define only allowed
users, i.e. who can execute it
Shinebayar G. <[email protected]> schrieb am Do., 15. Okt. 2020,
08:15:
… I'll add "admin_users" field for each script.
If it's specified, then only admins from the list would be able to see and
edit the configuration
Alonel ***@***.*** schrieb am Do., 15. Okt. 2020, 06:46:
Yes another role will also make sense. Maybe script admin? Script admin
should include the following:
1. View and edit permissions for the script.
2. View script audit
At the end not all admins should have the ability to see and manage all
scripts.
What do you think?
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
#342 (comment)
<#342 (comment)>,
or unsubscribe
https://github.com/notifications/unsubscribe-auth/AAJXPJK6CMQBZBD7Q5IWS7DSKZ5C3ANCNFSM4RSFRECA
.
Is that really any different than current implementation at first place?
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#342 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAJXPJIQZQMNSNTRYCSN62TSK2HO7ANCNFSM4RSFRECA>
.
|
|
@Alonel I made a commit to dev, now you would be able to specify: "admin_users" for a script, i.e. the admins who would be able to modify the script configuration. It's completely independent on "allowed_users" |
For each script you can specify "allowed users", meaning that only those users would be able to see and execute the script. This should affect even admins (i.e. you can prohibit some script executions for admins)
However, this setting should affect only main UI and execution. In the admin interface, admins should be able to see ALL the scripts and configure them
The text was updated successfully, but these errors were encountered: