Project

General

Profile

Actions

bug #6106

closed

[Discuss] Handle rights and roles for CdmPreferences

Added by Andreas Müller about 6 years ago. Updated about 1 year ago.

Status:
Closed
Priority:
New
Category:
cdmlib
Target version:
Start date:
Due date:
% Done:

0%

Estimated time:
Severity:
normal
Found in Version:

Description

Currently every user can change CdmPreferences.

Do we need a new role "CdmPreferenceAdmin" or should the right be included in Role_Project_Manager?

How, to implement this in the services and in TaxEditor.


Related issues

Related to EDIT - bug #9051: Role Project manager should not have right to edit users and creating a new user with missing rights results in two message-boxesNewKatja Luther

Actions
Related to EDIT - task #8602: Discuss: Local Preferences & Server-sided Preferences in same menu?NewKatja Luther

Actions
Follows EDIT - feature request #5969: Implement CdmPreference reading for database preferencesClosedKatja Luther

Actions
Copied to EDIT - feature request #9829: Secure writing methods for CdmPreferences with role Role_Project_ManagerNewAndreas Müller

Actions
Actions #1

Updated by Andreas Müller about 6 years ago

  • Due date set to 07/11/2016
  • Start date changed from 09/21/2016 to 07/11/2016
  • Follows feature request #5969: Implement CdmPreference reading for database preferences added
Actions #2

Updated by Andreas Müller about 1 year ago

  • Related to bug #9051: Role Project manager should not have right to edit users and creating a new user with missing rights results in two message-boxes added
Actions #3

Updated by Andreas Müller about 1 year ago

  • Related to task #8602: Discuss: Local Preferences & Server-sided Preferences in same menu? added
Actions #4

Updated by Andreas Müller about 1 year ago

  • Tags set to security, preferences
  • Due date deleted (07/11/2016)
  • Status changed from New to Resolved
  • Assignee changed from Katja Luther to Andreas Müller
  • Target version changed from Unassigned CDM tickets to Release 5.28

CDM Preferences are currently only available via the Admin menu which, I think, is only available for admin and Role_Project_Manager.
In #8602#note-5 it has also more or less been decided that DB preferences should be available via Role_Project_Manager. I think this makes sense and if nobody contradicts I take this as the decision. It was already documented as such add CdmAuthorisationAndAccessControl in context of #8602.

So I think the discussion part of this ticket is done. I open a new ticket for the remaining task to secure the PreferenceService methods accordingly: #9829

Actions #5

Updated by Andreas Müller about 1 year ago

  • Copied to feature request #9829: Secure writing methods for CdmPreferences with role Role_Project_Manager added
Actions #6

Updated by Andreas Müller about 1 year ago

  • Status changed from Resolved to Closed
Actions

Also available in: Atom PDF