Demo Discussion
Forum Config Examples Contributions Vulnerabilities
  Discussion forum about ELOG  Not logged in ELOG logo
icon3.gif   Access Control, posted by Grant Jeffcote on Mon May 12 10:16:21 2008 
    icon2.gif   Re: Access Control, posted by Yoshio Imai on Tue May 13 16:58:40 2008 
       icon2.gif   Re: Access Control, posted by Grant Jeffcote on Tue May 13 21:56:30 2008 
          icon2.gif   Re: Access Control, posted by Grant Jeffcote on Thu May 15 17:45:44 2008 
             icon2.gif   Re: Access Control, posted by Hal Proctor on Tue Apr 14 20:00:08 2009 
Message ID: 66312     Entry time: Tue Apr 14 20:00:08 2009     In reply to: 65882
Icon: Reply  Author: Hal Proctor  Author Email: hproctor@mpm.com 
Category: Question  OS: Windows  ELOG Version: 2.7.3-1024 
Subject: Re: Access Control 

Grant Jeffcote wrote:

Grant Jeffcote wrote:

Yoshio Imai wrote:

Grant Jeffcote wrote:
At present we can give others a full view by adding them to the 'Users' list for each individual logbook, this unfortunately also gives them 'write' access.


I think the solution to your problem would be to use Deny statements in the configuration sections for the logbooks.
Assume user1, user2 and user3 are in the "owners'" group of logbook1, and user4 and user5 only have "privileged read" access. Then a configuration as follows might help:
Login user = user1, user2, user3, user4, user5

Deny New = user4, user5
Deny Reply = user4, user5
Deny Duplicate = user4, user5
Deny Edit = user4, user5
Deny Delete = user4, user5
Deny Select = user4, user5
Deny CSV Import = user4, user5

This should give them the same read permissions as the logbook owners but should deny any writing operations. I recognize that this is a little bit of admin work if the lists of such "privileged readers" gets long, but each user would have his/her individual password (even the same as for access to his/her "own" logbook).

Perhaps you can give it a try.


What a great solution, thanks Yoshio, it works a treat.


Is there any way to give a logged in user a 'Guest' view on certain logbooks?
Unfortunately at the moment if they are not in the 'login users = ' group they are automatically logged out and have to re-log back into their own logbook.


I have this same issue. People come and go from one logbook to the other but I still want them to maintain logged in status to the logbook they have rights to.
ELOG V3.1.5-fe60aaf