| Summary | Finer grained Admin privileges through permission api |
| Queue | Horde Base |
| Queue Version | Git master |
| Type | Enhancement |
| State | Resolved |
| Priority | 1. Low |
| Owners | Horde Developers (at) |
| Requester | rlang (at) |
| Created | 10/29/10 (5721 days ago) |
| Due | |
| Updated | 6/14/11 (5493 days ago) |
| Assigned | 4/12/11 (5556 days ago) |
| Resolved | 6/14/11 (5493 days ago) |
| Milestone | 4.1 |
| Patch | Yes |
State ⇒ Resolved
Show specific admin privileges a user has permission to (
Enhancement #9350)3 files changed, 5 insertions(+), 2 deletions(-)
http://git.horde.org/horde-git/-/commit/2496dd30a15424a9b4a8947a5785bbbb155e89d1
[#9350] Finer grained Admin privileges through permission api
20 files changed, 139 insertions(+), 34 deletions(-)
http://git.horde.org/horde-git/-/commit/732460138f14dce101fcb82011f2035607f0aa6b
New Attachment: horde4-finer-graind-admin.patch
users/groups in Horde, i.e. via Administration->Permissions, then
they have to be added to the permission tree of the horde
application. You can do that by applying the attached patch to
lib/api.php. The patch was created for horde 3.3.8. You might need
some fuziness when applying it to other versions of horde.
finer grained Admin to Horde4 would require some change:
Either
1) we need AppInit without the admin flag and then manually check if
admin flag OR a specific permission is set
or
2) we enhance AppInit and allow it to check for the required permission.
Provided there is a decision which way to go, I would volunteer.
State ⇒ Assigned
Assigned to
Milestone ⇒ 4.1
New Attachment: horde-finer-grained-admin-privileges-tree.patch
users/groups in Horde, i.e. via Administration->Permissions, then they
have to be added to the permission tree of the horde application. You
can do that by applying the attached patch to lib/api.php. The patch
was created for horde 3.3.8. You might need some fuziness when
applying it to other versions of horde.
New Attachment: horde-finer-grained-admin-privileges-3.3.11-corrected.patch
horde-finer-grained-admin-privileges-3.3.11.patch on line 88 just
before !$GLOBALS['perms']. This causes a blank frame when trying to
edit permissions. I have attached a corrected version of the patch.
New Attachment: horde-finer-grained-admin-privileges-3.3.11.patch
New Attachment: horde-finer-grained-admin-privileges[2].patch
horde-finer-grained-admin-privileges.patch
New Attachment: horde-fatal-on-admin-3.3.11.patch
horde-fatal-on-admin-3.3.11.patch first,
then apply
horde-finer-grained-admin-privileges.patch
Works smoothly against 3.3.11 without fuzz
New Attachment: horde-finer-grained-admin-privileges[1].patch
commas, no "and".
I replaced them with () && () as in your examples.
Doublequotes to quotes, spaces added, inline variables to concats
State ⇒ Feedback
commas, no "and".
New Attachment: horde-fatal-on-admin-3.3.10.patch
Horde::authenticationFailureRedirect() to Horde::Fatal
Patch built against a clean 3.3.10, but also is applicable with -F3
against a version with the original patch of this ticket.
Priority ⇒ 1. Low
State ⇒ New
New Attachment: horde-finer-grained-admin-privileges.patch
Patch ⇒ Yes
Milestone ⇒ 3.3.11
Queue ⇒ Horde Base
Summary ⇒ Finer grained Admin privileges through permission api
Type ⇒ Enhancement
[dev] H3 User/Group Administration for moderator type users (see
http://lists.horde.org/archives/dev/Week-of-Mon-20101025/025396.html)
I created a patch for horde 3.3.10 which allows finer grained admin
privileges, for example only access to user and group administration
but not to the SQL shell and the permission admin screen.
I took this one step further and added modification to the code
drawing the sidebar and the top menu of the administration screens.