Open-AudIT
https://www.open-audit.org/phpBB3/

Question about org and User Role
https://www.open-audit.org/phpBB3/viewtopic.php?f=20&t=6620
Page 1 of 1

Author:  omega4471 [ Fri Aug 11, 2017 11:18 pm ]
Post subject:  Question about org and User Role

If I create a new org with parent org default org and create a user with the admin org and admin role and select only the new org and not the default org in the grant permission, the report menu does not contain the queries and also the querie key Near export. The query and report menu are only enabled for the default org and the new user must re-create them. Is this correct?
Thanks

Author:  Mark [ Tue Aug 22, 2017 8:43 am ]
Post subject:  Re: Question about org and User Role

The report menu should contain the queries. I'll look into this.

Author:  Mark [ Tue Aug 22, 2017 10:44 am ]
Post subject:  Re: Question about org and User Role

FYI - fixed for next release.
For certain collections (attributes, credentials, groups, queries & summaries) we should allow the user to also view the objects in their parent(s) Orgs.
IE - user A has permission on Org 2, which is a child of Org 1.
User A should be able to view the reports, groups, etc from Org 1.

This extrapolates further down/up the tree. IE - user C belongs to an Org at 5 levels deep, he can see queries for each parent up the tree, as far as Org 1 (default Org). He cannot see those parents other childrens objects though.

I hope that makes sense.

QUESTION. I have implemented this for the above collections (attributes, etc). What do people think about the same logic for fields? Should user A be able to see any fields that belong to the parents (and grandparents, etc)?

Author:  omega4471 [ Tue Aug 22, 2017 6:16 pm ]
Post subject:  Re: Question about org and User Role

The user must only see the authorized fields of his organization. No of the parental organization.
The logic for the fields is correct :D

Page 1 of 1 All times are UTC + 10 hours
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/