|
|
|
Demo
Discussion
|
|
Forum
Config Examples
Contributions
Vulnerabilities
|
| Discussion forum about ELOG |
Not logged in |
 |
|
|
|
|
|
Message ID: 65878
Entry time: Mon May 12 10:16:21 2008
Reply to this: 65879
|
|
| Category: |
Question |
OS: |
|
ELOG Version: |
2.7.3-1024 |
|
| Subject: |
Access Control |
|
|
Hi Stefan,
We have a configuration where different sites have their own logbooks all under the same server, these are accessed by relevant parties as you might expect by selecting the appropriate tab at the top of the page.
Everyone has visibility of everyone elses logbook as a guest but we have purposely limited the 'Guest' users view (hiding the text portion etc) for various reasons.
We would now like to allow certain parties to view certain logbooks in their entirety but with a 'Read Only' view, I see this can be done but only using a common password. (Read password = <encoded password>)
At present we can give others a full view by adding them to the 'Users' list for each individual logbook, this unfortunately also gives them 'write' access. Also if they click on the tab for a logbook that they are not a 'User' for they are logged out of their existing logbook forcing them to have to log back on. If they are designated in a 'Read Only' viewers list for that logbook then their existing password would presumably be read from the global password file and they wouldn't be logged out?
I would like to be able to implement a 'Read' access view for some parties but not have a common password (use the password file?) and not force the other party to re-logon to view the other logbook.
Something like the ability to add a "Read user = <user list>" in each logbook as can be done with 'Login User' and 'Admin User' at present would be great.
Could you let me know if this is feasible please?
Many thanks in advance. |