10000 Awards and Ribbon Rack Edit Super Editor · Issue #217 · TRMN/medusa · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

Awards and Ribbon Rack Edit Super Editor #217

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
rmatheny opened this issue Aug 29, 2018 · 2 comments
Open

Awards and Ribbon Rack Edit Super Editor #217

rmatheny opened this issue Aug 29, 2018 · 2 comments
Labels
Enhancement

Comments

@rmatheny
Copy link
rmatheny commented Aug 29, 2018
edited
Loading

Background: There may be situations where there was an easy way for an admin to update a members ribbon rack that didn't involve the DEV TEAM editing the record in the database directly. A limited number of admins can actually masquerade as a user...they can log in as themselves, search for the user, click an icon that most of you don't see and for all practical purposes, they are now logged in as that user. They see everything filtered through that users permissions, etc. The admin has no admin privs at all. All they can do is return to their original user. It's a higher level permission than ALL_PERMS. The only way that an admin can give the USER_MASQ permissions to someone is if THEY have it. There's one other permission like that as well, for doing CrUD operations on the config table in the database, and there is an easy mechanism for adding other permissions to the list of perms that you have to have to be able to give. So, in 95% of the cases, one of these very lucky admins could masquerade as the user and update their ribbon rack. However, there are a few awards that are not editable via the ribbon rack interface -- the SWP, MCAM and a few others.

So, here's what we need:

  1. A new permission to allow someone to edit another members ribbon rack

  2. An icon added to the member's service record if the logged in user has the permission defined in Switch to using Redis for sessions #1 (We will use the Font Awesome "bars" icon for Remove Bower and rely entirely on NPM #2)

  3. When that icon is clicked, the logged in user will be able to edit every award, including the restricted ones

  4. The logged in user will then be able to save the ribbon rack

This permission is giving edit permission to other user's ribbon racks as opposed to logging the super admin in as the user.
@rmatheny rmatheny self-assigned this Aug 29, 2018
@rmatheny
Copy link
Author

Initial spec has been written and uploaded to the TRMN Synology

@rmatheny rmatheny removed their assignment Aug 30, 2018
@Motye
Copy link
Contributor
Motye commented Aug 30, 2018 via email

@dweinerATL dweinerATL mentioned this issue Apr 17, 2019
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@dweinerATL @Motye @rmatheny
0