elog program does not respect "Allow edit" list, posted by Heinz Junkes on Mon Mar 11 11:18:02 2019
|
submissions via the elog - program can overwrite entries even if the user has no edit rights |
Re: elog program does not respect "Allow edit" list, posted by Heinz Junkes on Wed Apr 24 09:43:02 2019
|
Since there's no answer to that.
I am the only one with the problem? Did I just configure something wrong?
Thanks Heinz
Heinz Junkes wrote: |
submissions via the elog - program can overwrite entries even if the user has no edit rights
|
|
Re: elog program does not respect "Allow edit" list, posted by Stefan Ritt on Wed Apr 24 10:15:23 2019
|
There are two ways:
1) Use different password files for different logbooks. Each password file contains only those users which have access to that logbook.
2) Use "Login user = <usr list>" to restrict access to certain users in that list.
Stefan
Heinz Junkes wrote: |
Since there's no answer to that.
I am the only one with the problem? Did I just configure something wrong?
Thanks Heinz
Heinz Junkes wrote: |
submissions via the elog - program can overwrite entries even if the user has no edit rights
|
|
|
Re: elog program does not respect "Allow edit" list, posted by Heinz Junkes on Wed Apr 24 10:21:58 2019
|
Thanks for the answer. The real problem is that you can overwrite existing entries even if you have set an entry to "read only", i.e. you have forbidden further editing.
Heinz
Stefan Ritt wrote: |
There are two ways:
1) Use different password files for different logbooks. Each password file contains only those users which have access to that logbook.
2) Use "Login user = <usr list>" to restrict access to certain users in that list.
Stefan
Heinz Junkes wrote: |
Since there's no answer to that.
I am the only one with the problem? Did I just configure something wrong?
Thanks Heinz
Heinz Junkes wrote: |
submissions via the elog - program can overwrite entries even if the user has no edit rights
|
|
|
|
Re: elog program does not respect "Allow edit" list, posted by Stefan Ritt on Wed Apr 24 10:29:00 2019
|
There is no "read only" flag. Please describe what you exactly did. Probably you want "Restrict edit time" for that.
Stefan
Heinz Junkes wrote: |
Thanks for the answer. The real problem is that you can overwrite existing entries even if you have set an entry to "read only", i.e. you have forbidden further editing.
Heinz
Stefan Ritt wrote: |
There are two ways:
1) Use different password files for different logbooks. Each password file contains only those users which have access to that logbook.
2) Use "Login user = <usr list>" to restrict access to certain users in that list.
Stefan
Heinz Junkes wrote: |
Since there's no answer to that.
I am the only one with the problem? Did I just configure something wrong?
Thanks Heinz
Heinz Junkes wrote: |
submissions via the elog - program can overwrite entries even if the user has no edit rights
|
|
|
|
|
Re: elog program does not respect "Allow edit" list, posted by Heinz Junkes on Wed Apr 24 11:03:26 2019
|
Sorry,
I meant "read only" by using "Restrict edit time" settings. e.g.
Restrict edit time = 24
I understand this to mean that an entry should not be able to be modified after 24 hours.
Heinz
Stefan Ritt wrote: |
There is no "read only" flag. Please describe what you exactly did. Probably you want "Restrict edit time" for that.
Stefan
Heinz Junkes wrote: |
Thanks for the answer. The real problem is that you can overwrite existing entries even if you have set an entry to "read only", i.e. you have forbidden further editing.
Heinz
Stefan Ritt wrote: |
There are two ways:
1) Use different password files for different logbooks. Each password file contains only those users which have access to that logbook.
2) Use "Login user = <usr list>" to restrict access to certain users in that list.
Stefan
Heinz Junkes wrote: |
Since there's no answer to that.
I am the only one with the problem? Did I just configure something wrong?
Thanks Heinz
Heinz Junkes wrote: |
submissions via the elog - program can overwrite entries even if the user has no edit rights
|
|
|
|
|
|
Re: elog program does not respect "Allow edit" list, posted by Stefan Ritt on Wed Apr 24 11:30:37 2019
|
So you are telling me that "Restrict edit time" is not working correctly? In order to fix any problem, I have to reproduce it. Can you post a minimel elogd.cfg file with which I can reproduce the problem?
Stefan
Heinz Junkes wrote: |
Sorry,
I meant "read only" by using "Restrict edit time" settings. e.g.
Restrict edit time = 24
I understand this to mean that an entry should not be able to be modified after 24 hours.
Heinz
Stefan Ritt wrote: |
There is no "read only" flag. Please describe what you exactly did. Probably you want "Restrict edit time" for that.
Stefan
Heinz Junkes wrote: |
Thanks for the answer. The real problem is that you can overwrite existing entries even if you have set an entry to "read only", i.e. you have forbidden further editing.
Heinz
Stefan Ritt wrote: |
There are two ways:
1) Use different password files for different logbooks. Each password file contains only those users which have access to that logbook.
2) Use "Login user = <usr list>" to restrict access to certain users in that list.
Stefan
Heinz Junkes wrote: |
Since there's no answer to that.
I am the only one with the problem? Did I just configure something wrong?
Thanks Heinz
Heinz Junkes wrote: |
submissions via the elog - program can overwrite entries even if the user has no edit rights
|
|
|
|
|
|
|
Re: elog program does not respect "Allow edit" list, posted by Heinz Junkes on Wed Apr 24 11:56:24 2019
|
I ask my users where they had the problems and then create a demo for testing.
Thanks Heinz
Stefan Ritt wrote: |
So you are telling me that "Restrict edit time" is not working correctly? In order to fix any problem, I have to reproduce it. Can you post a minimel elogd.cfg file with which I can reproduce the problem?
Stefan
Heinz Junkes wrote: |
Sorry,
I meant "read only" by using "Restrict edit time" settings. e.g.
Restrict edit time = 24
I understand this to mean that an entry should not be able to be modified after 24 hours.
Heinz
Stefan Ritt wrote: |
There is no "read only" flag. Please describe what you exactly did. Probably you want "Restrict edit time" for that.
Stefan
Heinz Junkes wrote: |
Thanks for the answer. The real problem is that you can overwrite existing entries even if you have set an entry to "read only", i.e. you have forbidden further editing.
Heinz
Stefan Ritt wrote: |
There are two ways:
1) Use different password files for different logbooks. Each password file contains only those users which have access to that logbook.
2) Use "Login user = <usr list>" to restrict access to certain users in that list.
Stefan
Heinz Junkes wrote: |
Since there's no answer to that.
I am the only one with the problem? Did I just configure something wrong?
Thanks Heinz
Heinz Junkes wrote: |
submissions via the elog - program can overwrite entries even if the user has no edit rights
|
|
|
|
|
|
|
|
Re: elog program does not respect "Allow edit" list, posted by Heinz Junkes on Fri Apr 26 11:24:21 2019
|
Stefan, will send the info off this forum.
Heinz
Heinz Junkes wrote: |
I ask my users where they had the problems and then create a demo for testing.
Thanks Heinz
Stefan Ritt wrote: |
So you are telling me that "Restrict edit time" is not working correctly? In order to fix any problem, I have to reproduce it. Can you post a minimel elogd.cfg file with which I can reproduce the problem?
Stefan
Heinz Junkes wrote: |
Sorry,
I meant "read only" by using "Restrict edit time" settings. e.g.
Restrict edit time = 24
I understand this to mean that an entry should not be able to be modified after 24 hours.
Heinz
Stefan Ritt wrote: |
There is no "read only" flag. Please describe what you exactly did. Probably you want "Restrict edit time" for that.
Stefan
Heinz Junkes wrote: |
Thanks for the answer. The real problem is that you can overwrite existing entries even if you have set an entry to "read only", i.e. you have forbidden further editing.
Heinz
Stefan Ritt wrote: |
There are two ways:
1) Use different password files for different logbooks. Each password file contains only those users which have access to that logbook.
2) Use "Login user = <usr list>" to restrict access to certain users in that list.
Stefan
Heinz Junkes wrote: |
Since there's no answer to that.
I am the only one with the problem? Did I just configure something wrong?
Thanks Heinz
Heinz Junkes wrote: |
submissions via the elog - program can overwrite entries even if the user has no edit rights
|
|
|
|
|
|
|
|
|
Re: elog program does not respect "Allow edit" list, posted by Stefan Ritt on Fri Apr 26 17:22:46 2019
|
Ok, I found the issue. The "Restrict edit time" is only checked when one clicks on "Edit" in the browser. The elog command line tool does not really an edit, but just submits an entry with an (old) ID. I added a check also for that case so now it should work. The commit is in git.
Stefan
Heinz Junkes wrote: |
Stefan, will send the info off this forum.
Heinz
Heinz Junkes wrote: |
I ask my users where they had the problems and then create a demo for testing.
Thanks Heinz
Stefan Ritt wrote: |
So you are telling me that "Restrict edit time" is not working correctly? In order to fix any problem, I have to reproduce it. Can you post a minimel elogd.cfg file with which I can reproduce the problem?
Stefan
Heinz Junkes wrote: |
Sorry,
I meant "read only" by using "Restrict edit time" settings. e.g.
Restrict edit time = 24
I understand this to mean that an entry should not be able to be modified after 24 hours.
Heinz
Stefan Ritt wrote: |
There is no "read only" flag. Please describe what you exactly did. Probably you want "Restrict edit time" for that.
Stefan
Heinz Junkes wrote: |
Thanks for the answer. The real problem is that you can overwrite existing entries even if you have set an entry to "read only", i.e. you have forbidden further editing.
Heinz
Stefan Ritt wrote: |
There are two ways:
1) Use different password files for different logbooks. Each password file contains only those users which have access to that logbook.
2) Use "Login user = <usr list>" to restrict access to certain users in that list.
Stefan
Heinz Junkes wrote: |
Since there's no answer to that.
I am the only one with the problem? Did I just configure something wrong?
Thanks Heinz
Heinz Junkes wrote: |
submissions via the elog - program can overwrite entries even if the user has no edit rights
|
|
|
|
|
|
|
|
|
|
Can't subscribe email to logbooks in different top groups, posted by Ben Loer on Thu Apr 11 20:31:55 2019
|
We're running elogd behind an apache proxy server, with Authentication = Webserver. We have top groups configured, but a single shared password file.
If a user is looking at a particular logbook and goes to the Config link, they are presented with a list of checkboxes for email subscription to logbooks in that top group. Clicking "Save" will remove all email subscriptions from all other top groups.
Is there a workaround to this issue?
EDIT: Manually adding an entry for different logbooks in the password file gets clobbered the next time the user logs in. |
Re: Can't subscribe email to logbooks in different top groups, posted by Stefan Ritt on Fri Apr 12 15:43:42 2019
|
Top groups should use separate password files, otherwise things can mess up.
Stefan
Ben Loer wrote: |
We're running elogd behind an apache proxy server, with Authentication = Webserver. We have top groups configured, but a single shared password file.
If a user is looking at a particular logbook and goes to the Config link, they are presented with a list of checkboxes for email subscription to logbooks in that top group. Clicking "Save" will remove all email subscriptions from all other top groups.
Is there a workaround to this issue?
EDIT: Manually adding an entry for different logbooks in the password file gets clobbered the next time the user logs in.
|
|
How to edit Elog landing pages., posted by John on Thu Mar 14 06:38:12 2019
|
Hi and thanx for such a wonderful program! I was wondering how I might edit, change or add to the landing pages. In other words the first pages that show up (or any for that matter) when you login to a book. I can view the code ok in my browser using that function, but when I search for the actual page and it's locale, I cannot find it. Is it created on the fly by the server? If so, how can I change them.. as I want to add for instance javascripts to manipulate the pages and data more, without actually loosing the main essence of the program (log books). Thanx |
Re: How to edit Elog landing pages., posted by John on Sun Mar 17 00:40:42 2019
|
Well I answered part of my own question already.. I can have a start page different from what is default, and I can edit the orginal one by simply copying it and modifiying it to my hearts desire. I still have isues after making menu selections from that page tho, when the program (server) takes me to a site called for example: ../forum/index.html?cmd=Config. I cannot find out how to prevent or modify this behaviour. I am supposing tho, that because I am using my own original index.html (start page), that the program is not modifying it (on the fly), like it does with the oringal web pages? I am also still currious if the program does indeed create/modify pages on the fly, and if it does, where does it store them on my hard drive (or is it only put in memory temporaly?). Thanx again :)
John wrote: |
Hi and thanx for such a wonderful program! I was wondering how I might edit, change or add to the landing pages. In other words the first pages that show up (or any for that matter) when you login to a book. I can view the code ok in my browser using that function, but when I search for the actual page and it's locale, I cannot find it. Is it created on the fly by the server? If so, how can I change them.. as I want to add for instance javascripts to manipulate the pages and data more, without actually loosing the main essence of the program (log books). Thanx
|
|
Re: How to edit Elog landing pages., posted by Stefan Ritt on Thu Apr 4 12:53:09 2019
|
Per default, all pages are created dynamically by elogd directly from its C code. So nothing to change easily except hacking the code. There is one exception which is the start page you found already. To change any other page, you have to modify the C code. There is one more (dirty) trick: You can sneak in JavaScript code on every page via the "bottom text" option. This code can then modify the DOM tree and changes pages, but you need to program this in JavaScript.
Stefan
John wrote: |
Well I answered part of my own question already.. I can have a start page different from what is default, and I can edit the orginal one by simply copying it and modifiying it to my hearts desire. I still have isues after making menu selections from that page tho, when the program (server) takes me to a site called for example: ../forum/index.html?cmd=Config. I cannot find out how to prevent or modify this behaviour. I am supposing tho, that because I am using my own original index.html (start page), that the program is not modifying it (on the fly), like it does with the oringal web pages? I am also still currious if the program does indeed create/modify pages on the fly, and if it does, where does it store them on my hard drive (or is it only put in memory temporaly?). Thanx again :)
John wrote: |
Hi and thanx for such a wonderful program! I was wondering how I might edit, change or add to the landing pages. In other words the first pages that show up (or any for that matter) when you login to a book. I can view the code ok in my browser using that function, but when I search for the actual page and it's locale, I cannot find it. Is it created on the fly by the server? If so, how can I change them.. as I want to add for instance javascripts to manipulate the pages and data more, without actually loosing the main essence of the program (log books). Thanx
|
|
|
Re: How to edit Elog landing pages., posted by John on Thu Apr 4 20:30:29 2019
|
Wow Stefan thanks for your kind reply. This gives me a reason to finally pickup JavaScript, which I am finding both easy and fun, esepcially with all the modules/coding out there already, which makes things easier to do while learning it! I will let you know as I progress on my 'top secret' hack of your masterpiece ;)
Stefan Ritt wrote: |
Per default, all pages are created dynamically by elogd directly from its C code. So nothing to change easily except hacking the code. There is one exception which is the start page you found already. To change any other page, you have to modify the C code. There is one more (dirty) trick: You can sneak in JavaScript code on every page via the "bottom text" option. This code can then modify the DOM tree and changes pages, but you need to program this in JavaScript.
Stefan
John wrote: |
Well I answered part of my own question already.. I can have a start page different from what is default, and I can edit the orginal one by simply copying it and modifiying it to my hearts desire. I still have isues after making menu selections from that page tho, when the program (server) takes me to a site called for example: ../forum/index.html?cmd=Config. I cannot find out how to prevent or modify this behaviour. I am supposing tho, that because I am using my own original index.html (start page), that the program is not modifying it (on the fly), like it does with the oringal web pages? I am also still currious if the program does indeed create/modify pages on the fly, and if it does, where does it store them on my hard drive (or is it only put in memory temporaly?). Thanx again :)
John wrote: |
Hi and thanx for such a wonderful program! I was wondering how I might edit, change or add to the landing pages. In other words the first pages that show up (or any for that matter) when you login to a book. I can view the code ok in my browser using that function, but when I search for the actual page and it's locale, I cannot find it. Is it created on the fly by the server? If so, how can I change them.. as I want to add for instance javascripts to manipulate the pages and data more, without actually loosing the main essence of the program (log books). Thanx
|
|
|
|
elog.css and lock.png fail to load with top groups, posted by Ben Loer on Thu Mar 21 16:14:00 2019
|
As the title says, we have our elog running behind an Apache proxy that is also providing authentication. We also have top groups enabled. The first time a user views a top group page with a fresh browser cache, the index is delivered, but requests for elog.css and lock.png are returned with http 302 with location set to the elog root. (I.e., if the server is proxied under server.example.com/logs, the first request for server.example.com/logs/TopGroup1/elog.css returns a 302 with location set to server.example.com/logs// ).
Any subsequent visits return the files fine. The attached screenshot shows the network requests in chrome.
Is this a proxy configuration issue, something we've set wrong in elog, ??
|
Re: elog.css and lock.png fail to load with top groups, posted by Stefan Ritt on Thu Apr 4 12:12:58 2019
|
Looks more like a bug to me. Will investigate.
Stefan
Ben Loer wrote: |
As the title says, we have our elog running behind an Apache proxy that is also providing authentication. We also have top groups enabled. The first time a user views a top group page with a fresh browser cache, the index is delivered, but requests for elog.css and lock.png are returned with http 302 with location set to the elog root. (I.e., if the server is proxied under server.example.com/logs, the first request for server.example.com/logs/TopGroup1/elog.css returns a 302 with location set to server.example.com/logs// ).
Any subsequent visits return the files fine. The attached screenshot shows the network requests in chrome.
Is this a proxy configuration issue, something we've set wrong in elog, ??
|
|
elog client through proxy, posted by gibelin julien on Mon Mar 25 12:31:34 2019
|
Dear users,
we started an elog serveur (using ssl) and open to the world which is working fine.
However I am trying to access it via the command line client, from a computer that uses a proxy to connect to internet.
The environnment variable are set :
declare -x ftp_proxy="ftp://myproxy:3128/"
declare -x http_proxy="http://myproxy:3128/"
declare -x https_proxy="https://myproxy:3128/"
declare -x socks_proxy="socks://myproxy:3128/"
but when I try to connect
elog -h myelog -p 443 -l lognote -s 1 -u username passwd -w last
I have the following message :
Cannot connect to host myelog, port 44
How should I proceed ?
Best regards
JG
:
|
Re: elog client through proxy, posted by Stefan Ritt on Thu Apr 4 11:57:46 2019
|
The "elog" client does unfortunately not support proxies. You could however achieve the same with the "curl" tool. Have a look at elog:68597
Stefan
gibelin julien wrote: |
Dear users,
we started an elog serveur (using ssl) and open to the world which is working fine.
However I am trying to access it via the command line client, from a computer that uses a proxy to connect to internet.
The environnment variable are set :
declare -x ftp_proxy="ftp://myproxy:3128/"
declare -x http_proxy="http://myproxy:3128/"
declare -x https_proxy="https://myproxy:3128/"
declare -x socks_proxy="socks://myproxy:3128/"
but when I try to connect
elog -h myelog -p 443 -l lognote -s 1 -u username passwd -w last
I have the following message :
Cannot connect to host myelog, port 44
How should I proceed ?
Best regards
JG
:
|
|
Hiding Logbook tabs, posted by Alan Grant on Thu Mar 28 21:55:14 2019
|
I know you can restrict access to logbooks on per user basis but can anyone tell me if it is possible to HIDE certain logbook tabs/groups on per user basis (ie, so they would just see logbooks they are authorized to see)? |
Reverse proxy setting of Elog for Apache httpd 2.4 so that changing password windows works ?, posted by Takashi Ichihara on Tue Mar 19 06:13:03 2019
|
In CentOS 7.6 + Apache httpd-2.4.6 + ELOG V3.1.4 environment with Reverse Proxy setting of
/etc/httpd/conf/httpd.conf
:
ProxyRequests Off
RedirectMatch ^/elog$ /elog/
<Location /elog/>
ProxyPass http://mmm.riken.jp:3333/
ProxyPassReverse http://mmm.riken.jp:3333/
ProxyPassReverseCookiePath / /elog/
</Location>
:
It almost works fine. But Changing password has problem.
When clicking the "Forget password?" link in login window and displaying "Entering your user name or email address"
and entering it, an email is sent to the user:
----
This is an automatically generated account recovery email for host mmmm.riken.jp.
Please click on following link to recover your account:
http://mmm.riken.jp/elog/?redir=%3Fcmd%3DChange+password%26oldpwd%3DIHCPHXNTMJGEYDKY&uname=test&upassword=IHCPHXNTMJGEYDKY
ELOG Version 3.1.4
---
Clicking the URL above in the Firefox Browser results invalid URL:
http://mmm.riken.jp/?cmd=Change%20password&oldpwd=IHCPHXNTMJGEYDKY
These parameters does not pass to the elog by the Reverse Proxy setting above.
While accessing the URL of (native elog port: 3333)
http://mmm.riken.jp:3333/?cmd=Change%20password&oldpwd=IHCPHXNTMJGEYDKY
displays the normal page for Changing password windows for the user.
Is there any suggestions for the Reverse Proxy setting in Apache httpd 2.4
so that the changing password windows works fine ?
Thank you for any suggestions. |
Re: Reverse proxy setting of Elog for Apache httpd 2.4 so that changing password windows works ?, posted by Takashi Ichihara on Tue Mar 26 06:41:21 2019
|
The problem was resolved. I forgot to do this statement...
https://elog.psi.ch/elog/adminguide.html
Because elogd uses links to itself (for example in the email notification and the redirection after a submit), it has to know under which URL it is running. If you run it under a proxy, you have to add the line:
URL = http://your.proxy.host/subdir/
into elogd.cfg.
After inserting the URL in elogd.cfg, elog works correctly with Reverse Proxy Setting of Apache 2.4.
Takashi Ichihara wrote: |
In CentOS 7.6 + Apache httpd-2.4.6 + ELOG V3.1.4 environment with Reverse Proxy setting of
/etc/httpd/conf/httpd.conf
:
ProxyRequests Off
RedirectMatch ^/elog$ /elog/
<Location /elog/>
ProxyPass http://mmm.riken.jp:3333/
ProxyPassReverse http://mmm.riken.jp:3333/
ProxyPassReverseCookiePath / /elog/
</Location>
:
It almost works fine. But Changing password has problem.
When clicking the "Forget password?" link in login window and displaying "Entering your user name or email address"
and entering it, an email is sent to the user:
----
This is an automatically generated account recovery email for host mmmm.riken.jp.
Please click on following link to recover your account:
http://mmm.riken.jp/elog/?redir=%3Fcmd%3DChange+password%26oldpwd%3DIHCPHXNTMJGEYDKY&uname=test&upassword=IHCPHXNTMJGEYDKY
ELOG Version 3.1.4
---
Clicking the URL above in the Firefox Browser results invalid URL:
http://mmm.riken.jp/?cmd=Change%20password&oldpwd=IHCPHXNTMJGEYDKY
These parameters does not pass to the elog by the Reverse Proxy setting above.
While accessing the URL of (native elog port: 3333)
http://mmm.riken.jp:3333/?cmd=Change%20password&oldpwd=IHCPHXNTMJGEYDKY
displays the normal page for Changing password windows for the user.
Is there any suggestions for the Reverse Proxy setting in Apache httpd 2.4
so that the changing password windows works fine ?
Thank you for any suggestions.
|
|
Interfaced with SSO, posted by Patricia Mendez Lorenzo on Fri Mar 22 09:53:39 2019
|
Dear Supporters,
I am evaluating the elog software as lobgook for high energy pgysics and I was just wondering the interface with SSO from the login point of view. Once euthenticated with SSO, can this authentication be also recognized by elog?
Thank you so much
Best Regards,
PAtricia |
Re: Interfaced with SSO, posted by Andreas Luedeke on Fri Mar 22 11:52:46 2019
|
ELOG understands kerberos authentication (See https://elog.psi.ch/elog/config.html#access).
If your SSO works with kerberos, then your SSO user name and password can be used to sign in to ELOG. But I'm not sure if that is what you are asking for...
Cheers, Andreas
Patricia Mendez Lorenzo wrote: |
Dear Supporters,
I am evaluating the elog software as lobgook for high energy pgysics and I was just wondering the interface with SSO from the login point of view. Once euthenticated with SSO, can this authentication be also recognized by elog?
Thank you so much
Best Regards,
PAtricia
|
|