View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|13608||Bug reports||[All Projects] Central participant database||public||2018-04-17 16:33||2018-05-23 10:53|
|Target Version||4.0.0dev||Fixed in Version|
|Summary||13608: Permission to create participants in the central participants database|
|Description||I want a user to be able to create participants in the central participants database but not to see other admins entries. |
Please see screenshot. With these rights, the user cannot see the link under Configuration menu entry to go to "Central participants database". If he uses direct link, he gets error message "no sufficient rights".
|Steps To Reproduce||Create a user with the rights set as you can see in the screenshot.|
Login with this user and try to access central participants database.
|Additional Information||LimeSurvey version 3.6.2|
LimeSurvey build 180406
Operating system Linux survey 3.16.0-5-amd64 #1 SMP Debian 3.16.51-3+deb8u1 (2018-01-08) x86_64
PHP version 5.6.33-0+deb8u1
Web server software Apache/2.4.10 (Debian)
Database driver mysql
Database driver version 5.5.59
|Tags||No tags attached.|
|Complete LimeSurvey version number (& build)||3.6.2 180406|
|I will donate to the project if issue is resolved||No|
|Browser||Firefox 59.0.2 (64-Bit) (Mac), Version 11.1 (13605.1.33.1.2) (Mac)|
|Database & DB-Version||mysql 5.5.59|
|Operating System (Server)||Debian 8.10|
|Webserver software & version||Apache/2.4.10 (Debian)|
|PHP Version||PHP 5.6.33-0+deb8u1|
Bildschirmfoto 2018-04-17 um 16.25.28.png (315,960 bytes)
I think default behaviour are to see ONLY their participant (except for superadmin) , it's unclear …
Can you test it ?
I tested again. It seems that the users rights for CPDB must be at least "create" and "view/read". My test user could only see his own participants.
BUT: That's not what I've expected, because the text at that very setting says: "Permission to create participants in the central participants database (for which all permissions are automatically given) and view, update and delete participants from other users". And again: with the "create" setting checked, users do not even see the link under the "configuration" menu.
The "view/read" checkbox at surveys settings lets the survey admin browser other admins surveys. Here, the (similar) text is appropriate: "Permission to create surveys (for which all permissions are automatically given) and view, update and delete surveys from other users". Here I only use the "create" setting for my survey admins and everything is as I expect.
It seems not very consistent that similar settings lead to different user experiences.
Please let me know if you further information.
|the whole permission system should be rewritten for LS4.|
|2018-04-17 16:33||rnck||New Issue|
|2018-04-17 16:33||rnck||File Added: Bildschirmfoto 2018-04-17 um 16.25.28.png|
|2018-04-19 15:45||DenisChenu||Note Added: 47468|
|2018-05-09 08:41||rnck||Note Added: 47576|
|2018-05-23 10:53||LouisGac||Target Version||=> 4.0.0dev|
|2018-05-23 10:53||LouisGac||Note Added: 47728|