Create a Report or use a view which Show me all subprojects where a user or a Group has access to

khoppe · ‎May 06, 2016

There are different chances to look onto access definitions within Integrity Module "Configuration Management":

Using "View Permissions" at one subproject
Using Admingui => Configuration Management => Permissions => Projects
Using Admingui => Server Diagnostics => Evaluate ACL

But whereas Integrity is already checking it, there is no possibility to check ALL valid Access definitions with one glance at a subproject

(specific as well as inherited definitions), neither for that project node, nor for a user/group.

For checking access (= permission) problems there is always the need to check a lot of different levels up to the overall definitions that are not visible without admin gui.

vichavan · ‎Apr 25, 2017

Hi Klauss,

Not sure if you have seen the new 'View Permissions' GUI in 10.8 onwards. If you have seen this and doesn't satisfy your requirement, please let me know.

The new UI I am talking about shows the permissions for a sub-project along with its ACL inheritance with all details for which you had to go to admin client earlier.

Along with this, in 11.1, we have also given a new action 'View resolved Project permissions' and 'View resolved Member permissions' which gives you the list of all resolved ACLs with information as to which ACL is granted and which is denied. Again, this is in the client UI and user doesn't have to go to admin UI. If the user is a project manager or equivalent, he can check this permission resolution for a member in his/her team as well.

Thanks!

Virendra

khoppe · ‎Apr 25, 2017

The new "View Permissions" in 10.8 is a first step in direction required.

What you describe about 11.1:

Virendra Chavan schrieb:

(..) Along with this, in 11.1, we have also given a new action 'View resolved Project permissions' and 'View resolved Member permissions' which gives you the list of all resolved ACLs with information as to which ACL is granted and which is denied.(..)

covers the topic defined from me as "(..) check ALL valid Access definitions with one glance at a subproject (..) for that project node (..)".

The second request: "(..) check ALL valid Access definitions with one glance (..) for a user/group (..)" is still open.

Regards,

Klaus

vichavan · ‎Apr 25, 2017

The new "View Permissions" in 10.8 is a first step in direction required.

>>>an you explain what more are you expecting ?

The second request: "(..) check ALL valid Access definitions with one glance (..) for a user/group (..)" is still open.

>>> You can as well see the access definitions resolved for a user for a sub-project as I mentioned, definitely not for groups. Can you comment on what more you are looking for here?

khoppe · ‎Apr 26, 2017

1st step: Changes in 10.8

2nd step: Changes you described for 11.1

Request covered with 2nd step: valid access definitions at a subproject.

I expect following look and feel for 11.1: I can see all definitions done for a user directly or via Groups he has been assigned to at a subproject.

Missing functionality:

I can create a Report or use a view which Show me all subprojects where a user or a Group has access to.

It would be great if such a functionality could be distributed at least with Key user from Project Teams.

The report should also contain infos from Archive as well as for Shared Subprojects.

vichavan · ‎Apr 27, 2017

Ok. This missing functionality is not possible right now as all our reports are also based on queries and you cannot relate a query with permission. I understand the use case and we will try to address this in future. Just to avoid any further confusion, I have updated the title of the idea. Thanks!