Demo Discussion
Forum Config Examples Contributions Vulnerabilities
  Discussion forum about ELOG  Not logged in ELOG logo
 Back  |  Find  |  Login  |  Help 
icon5.gif   admin user access admin page, not config page, posted by Szu-Ching Peckner on Tue Sep 18 17:57:47 2012 
    icon2.gif   Re: admin user access admin page, not config page, posted by Garret Delaronde on Fri May 10 17:37:24 2013 
Message ID: 67342     Entry time: Tue Sep 18 17:57:47 2012     Reply to this: 67500
Icon: Question  Author: Szu-Ching Peckner  Author Email: speckner@nd.edu 
Category: Question  OS: Linux  ELOG Version: latest 
Subject: admin user access admin page, not config page 

 We have multiple logbooks. Each user is admin user for his/her own logbook. 

I want user be able to modify config file, but no access to user setting, such as see user list, change password, new user, remove user. 

[logbook1]
Admin user = user1
Login user = user1, user2
Allow Config = user1
List Menu commands = Admin, Config

user1 click on Admin, it opens config file, when user1 click on save, user1 is brought to Config page, which has select user list on top, Change password, Remove user, New user buttons on bottom. Is there a way that admin user has access to config file, but no access to user info at all (not even presented to them).  Is there a way after user1 click save, page doesn't go to that config page?

I could put 
Deny Change password =
Deny Remove user
Deny New user

so when user1 click on those buttons, user1 will get command not allowed. However I would rather have user1 not even see that page. 

 

 

ELOG V3.1.5-3fb85fa6