Demo Discussion
Forum Config Examples Contributions Vulnerabilities
  Discussion forum about ELOG  Not logged in ELOG logo
icon3.gif   Access Control, posted by Grant Jeffcote on Mon May 12 10:16:21 2008 
    icon2.gif   Re: Access Control, posted by Yoshio Imai on Tue May 13 16:58:40 2008 
       icon2.gif   Re: Access Control, posted by Grant Jeffcote on Tue May 13 21:56:30 2008 
          icon2.gif   Re: Access Control, posted by Grant Jeffcote on Thu May 15 17:45:44 2008 
             icon2.gif   Re: Access Control, posted by Hal Proctor on Tue Apr 14 20:00:08 2009 
Message ID: 65878     Entry time: Mon May 12 10:16:21 2008     Reply to this: 65879
Icon: Idea  Author: Grant Jeffcote  Author Email: grant@jeffcote.org 
Category: Question  OS:   ELOG Version: 2.7.3-1024 
Subject: Access Control 
Hi Stefan,

We have a configuration where different sites have their own logbooks all under the same server, these are accessed by relevant parties as you might expect by selecting the appropriate tab at the top of the page.
Everyone has visibility of everyone elses logbook as a guest but we have purposely limited the 'Guest' users view (hiding the text portion etc) for various reasons.

We would now like to allow certain parties to view certain logbooks in their entirety but with a 'Read Only' view, I see this can be done but only using a common password. (Read password = <encoded password>)

At present we can give others a full view by adding them to the 'Users' list for each individual logbook, this unfortunately also gives them 'write' access. Also if they click on the tab for a logbook that they are not a 'User' for they are logged out of their existing logbook forcing them to have to log back on. If they are designated in a 'Read Only' viewers list for that logbook then their existing password would presumably be read from the global password file and they wouldn't be logged out?

I would like to be able to implement a 'Read' access view for some parties but not have a common password (use the password file?) and not force the other party to re-logon to view the other logbook.

Something like the ability to add a "Read user = <user list>" in each logbook as can be done with 'Login User' and 'Admin User' at present would be great.

Could you let me know if this is feasible please?

Many thanks in advance.
ELOG V3.1.5-fe60aaf