Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Admin users don't see all users but can now "Give an existing user view access" by entering the username #9379

Merged
merged 10 commits into from
Dec 21, 2015
Merged

Admin users don't see all users but can now "Give an existing user view access" by entering the username #9379

merged 10 commits into from
Dec 21, 2015

Conversation

tsteur
Copy link
Member

@tsteur tsteur commented Dec 11, 2015

fixes #4314

I didn't name it "Invite user" since this would imply that the user has to confirm/approve the invitation. Therefore named it "Give view access".

  • A super user will always see all users
  • A user having admin access can see all users, having view or admin access to the same sites where the user has admin access to. Say user has view access to sites 3,5 and admin access to 4,7,8 then this user will see all users having view or admin access for site 4,7 or 8.
  • A user having view access will always see his own user when requesting anything via API.

In the user manager, for a user having admin access, we show only users that have view or admin access to the selected site. If all sites are selected, we show all users the current user is allowed to see.

@tsteur tsteur added not-in-changelog For issues or pull requests that should not be included in our release changelog on matomo.org. Needs Review PRs that need a code review labels Dec 11, 2015
@tsteur tsteur added this to the 2.15.1 milestone Dec 11, 2015
tsteur
tsteur reviewed Dec 11, 2015
View reviewed changes
core/Access.php
*/
public function checkUserHasSomeAdminAccess()
public function isUserHasSomeAdminAccess()
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I added it to this class for easier injecting of dependencies and easier testing. Added tests for this method... this is what we should use in the future anyway instead of Piwik::check... or Piwik::is...

mattab pushed a commit that referenced this pull request Dec 21, 2015
Merge pull request #9379 from piwik/4314
71d9087 
Don't let "admin" users see all other users in Piwik
@mattab mattab merged commit 71d9087 into master Dec 21, 2015
@mattab
Copy link
Member

mattab commented Dec 21, 2015

I couldn't find anything to feedback, this is a wonderful PR! and 👍 all the new test cases!

@mattab mattab mentioned this pull request Dec 21, 2015
Closed
@sgiehl sgiehl deleted the 4314 branch December 22, 2015 00:08
@mattab mattab added Major Indicates the severity or impact or benefit of an issue is much higher than normal but not critical. and removed not-in-changelog For issues or pull requests that should not be included in our release changelog on matomo.org. labels Jan 30, 2016
@mattab mattab changed the title Don't let "admin" users see all other users in Piwik Admin users can "Give an existing user view access" by entering the username, and don't see all users Jan 30, 2016
@mattab mattab changed the title Admin users can "Give an existing user view access" by entering the username, and don't see all users Admin users don't see all users but can now "Give an existing user view access" by entering the username Jan 30, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
Major Indicates the severity or impact or benefit of an issue is much higher than normal but not critical. Needs Review PRs that need a code review
Projects
None yet
Milestone
2.16.0
Development

Successfully merging this pull request may close these issues.
2 participants
@tsteur @mattab