View Issue Details

Related ChangesetsJump to NotesJump to History
This bug affects 1 person(s).
 12
IDProjectCategoryView StatusDate SubmittedLast Update
13608Bug reportsCentral participant databasepublic2018-04-17 16:332019-05-29 16:39
Reporterrnck Assigned Top_teichmann  
PrioritynoneSeverityminor 
Status closedResolutionfixed 
Product Version3.6.x 
Target Version4.0.0devFixed in Version3.17.x 
Summary13608: Permission to create participants in the central participants database
Description

I want a user to be able to create participants in the central participants database but not to see other admins entries.

Please see screenshot. With these rights, the user cannot see the link under Configuration menu entry to go to "Central participants database". If he uses direct link, he gets error message "no sufficient rights".

Steps To Reproduce

Create a user with the rights set as you can see in the screenshot.
Login with this user and try to access central participants database.

Additional Information

LimeSurvey version 3.6.2
LimeSurvey build 180406
Operating system Linux survey 3.16.0-5-amd64 #1 SMP Debian 3.16.51-3+deb8u1 (2018-01-08) x86_64
PHP version 5.6.33-0+deb8u1
Web server software Apache/2.4.10 (Debian)
Database driver mysql
Database driver version 5.5.59

TagsNo tags attached.
Attached Files
Bildschirmfoto 2018-04-17 um 16.25.28.png (315,960 bytes)
Bug heat12
Complete LimeSurvey version number (& build)3.6.2 180406
I will donate to the project if issue is resolvedNo
BrowserFirefox 59.0.2 (64-Bit) (Mac), Version 11.1 (13605.1.33.1.2) (Mac)
Database type & versionmysql 5.5.59
Server OS (if known)Debian 8.10
Webserver software & version (if known)Apache/2.4.10 (Debian)
PHP VersionPHP 5.6.33-0+deb8u1

Users monitoring this issue

There are no users monitoring this issue.

Activities

DenisChenu

DenisChenu

2018-04-19 15:45

developer   ~47468

I think default behaviour are to see ONLY their participant (except for superadmin) , it's unclear …

Can you test it ?
rnck

rnck

2018-05-09 08:41

reporter   ~47576

I tested again. It seems that the users rights for CPDB must be at least "create" and "view/read". My test user could only see his own participants.

BUT: That's not what I've expected, because the text at that very setting says: "Permission to create participants in the central participants database (for which all permissions are automatically given) and view, update and delete participants from other users". And again: with the "create" setting checked, users do not even see the link under the "configuration" menu.

The "view/read" checkbox at surveys settings lets the survey admin browser other admins surveys. Here, the (similar) text is appropriate: "Permission to create surveys (for which all permissions are automatically given) and view, update and delete surveys from other users". Here I only use the "create" setting for my survey admins and everything is as I expect.

It seems not very consistent that similar settings lead to different user experiences.

Please let me know if you further information.
LouisGac

LouisGac

2018-05-23 10:53

developer   ~47728

the whole permission system should be rewritten for LS4.
cdorin

cdorin

2019-03-08 11:23

reporter   ~50831

another issue with the permissions system.
p_teichmann

p_teichmann

2019-05-06 18:03

administrator   ~51787

https://github.com/LimeSurvey/LimeSurvey/commit/b9f3e708258acbb86e2b98d5043607c7d8c86a8c
p_teichmann

p_teichmann

2019-05-29 16:12

administrator   ~52193

Fix committed to master branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=28921
c_schmitz

c_schmitz

2019-05-29 16:39

administrator   ~52209

Version 3.17.4+190529 released

Related Changesets

LimeSurvey: master b9f3e708

2019-05-06 19:56

p_teichmann


Details Diff		 Fixed issue 13608: Permission to create participants in the central participants database Affected Issues
13608
mod - application/controllers/admin/participantsaction.php Diff File
mod - application/views/admin/participants/participantsPanel_view.php Diff File

Issue History

Date Modified Username Field Change
2018-04-17 16:33 rnck New Issue
2018-04-17 16:33 rnck File Added: Bildschirmfoto 2018-04-17 um 16.25.28.png
2018-04-19 15:45 DenisChenu Note Added: 47468
2018-05-09 08:41 rnck Note Added: 47576
2018-05-23 10:53 LouisGac Target Version => 4.0.0dev
2018-05-23 10:53 LouisGac Note Added: 47728
2019-03-08 11:22 cdorin Assigned To => markusfluer
2019-03-08 11:22 cdorin Status new => assigned
2019-03-08 11:23 cdorin Note Added: 50831
2019-04-11 11:57 LouisGac Assigned To markusfluer => LouisGac
2019-04-30 10:18 cdorin Assigned To LouisGac => p_teichmann
2019-05-06 18:03 p_teichmann Note Added: 51787
2019-05-06 18:04 p_teichmann Status assigned => resolved
2019-05-06 18:04 p_teichmann Resolution open => fixed
2019-05-06 18:04 p_teichmann Fixed in Version => 3.17.x
2019-05-29 16:12 p_teichmann Changeset attached => LimeSurvey master b9f3e708
2019-05-29 16:12 p_teichmann Note Added: 52193
2019-05-29 16:39 c_schmitz Note Added: 52209
2019-05-29 16:39 c_schmitz Status resolved => closed