| ID |
Date |
Icon |
Author |
Author Email |
Category |
OS |
ELOG Version |
Subject |
|
65883
|
Thu May 15 18:36:55 2008 |
 | Devin Bougie | dab66@cornell.edu | Bug report | | | reset password link when using proxy | For heightened security, we allow access to our ELOG installation from offsite through an apache proxy. Therefore, the URL for our ELOG becomes http://www.lepp.cornell.edu/proxy/elog/ . Everything seems to work properly with this setup except for the "reset password" utility. When trying to reset ones password, the link sent in the "Password recovery" email becomes, for example:
http://www.lepp.cornell.edu/proxy/elog/ERL+W128/?redir=%3Fcmd%3DChange+password...
When using this link, the redirect redirects you to:
http://www.lepp.cornell.edu/ERL+W128/?cmd=Change%20password...
Which does not work. Instead, the redirect should point to:
http://www.lepp.cornell.edu/proxy/elog/ERL+W128/?cmd=Change%20password...
Any suggestions or workarounds would be greatly appreciated.
Many thanks,
Devin
|
|
65882
|
Thu May 15 17:45:44 2008 |
 | Grant Jeffcote | grant@jeffcote.org | Question | | 2.7.3-1024 | Re: Access Control |
| Grant Jeffcote wrote: |
| Yoshio Imai wrote: |
| Grant Jeffcote wrote: | | At present we can give others a full view by adding them to the 'Users' list for each individual logbook, this unfortunately also gives them 'write' access. |
I think the solution to your problem would be to use Deny statements in the configuration sections for the logbooks.
Assume user1, user2 and user3 are in the "owners'" group of logbook1, and user4 and user5 only have "privileged read" access. Then a configuration as follows might help:
Login user = user1, user2, user3, user4, user5
Deny New = user4, user5
Deny Reply = user4, user5
Deny Duplicate = user4, user5
Deny Edit = user4, user5
Deny Delete = user4, user5
Deny Select = user4, user5
Deny CSV Import = user4, user5
This should give them the same read permissions as the logbook owners but should deny any writing operations. I recognize that this is a little bit of admin work if the lists of such "privileged readers" gets long, but each user would have his/her individual password (even the same as for access to his/her "own" logbook).
Perhaps you can give it a try. |
What a great solution, thanks Yoshio, it works a treat. |
Is there any way to give a logged in user a 'Guest' view on certain logbooks?
Unfortunately at the moment if they are not in the 'login users = ' group they are automatically logged out and have to re-log back into their own logbook. |
|
65881
|
Thu May 15 01:06:21 2008 |
| Dennis Seitz | dseitz@cosmology.berkeley.edu | Question | All | latest | Re: Re: $entry time not readable by Subst, else not datetime type? |
| Dennis Seitz wrote: | I posted this on the end of an earlier thread but I thought it might be better to repost as a separate thread:
Thank you for pointing out the method to identify an attribute as a datetime type so that it will sort properly. I now have created my "Last Edit" attribute in several
preexisting logbooks.
I want to use
Start page = ?rsort=Last Edit
to set the default sorting of each logbook to be by Last Edit.
However, all of the entries made before I added Last Edit have no value for that field, so they are all grouped together at the end of the sort. So I
decided to go through the older entries and set Last Edit equal to the original entry date, as a starting value.
I tried to use the command
Subst on edit Last Edit = $entry time
but it gives a "-" for the Last Edit value when I edit an entry.
I think this is because $entry time is not a variable supported by Subst. Can you add that support, or else tell me if you know a better way to go about
doing what I'm attempting? Is there perhaps a way to globally process a group of entries in a logbook and set one attribute's value to be equal to
another's? To reiterate, I want to initialize Last Edit = $entrytime for all entries that have not been re-edited.
Thanks |
OK, now I realize how stupid I sound here. To partially answer my own question: $entry time is a string and Last Edit is now a number since I have changed it to the datetime type so that it will sort properly.
So I can't make Last Edit = $entry time. Is there some way I can access the entry time in datetime format so that I can set Last Edit equal to that?
Sorry if I'm missing something obvious, I'm confused... |
|
65880
|
Tue May 13 21:56:30 2008 |
| Grant Jeffcote | grant@jeffcote.org | Question | | 2.7.3-1024 | Re: Access Control |
| Yoshio Imai wrote: |
| Grant Jeffcote wrote: | | At present we can give others a full view by adding them to the 'Users' list for each individual logbook, this unfortunately also gives them 'write' access. |
I think the solution to your problem would be to use Deny statements in the configuration sections for the logbooks.
Assume user1, user2 and user3 are in the "owners'" group of logbook1, and user4 and user5 only have "privileged read" access. Then a configuration as follows might help:
Login user = user1, user2, user3, user4, user5
Deny New = user4, user5
Deny Reply = user4, user5
Deny Duplicate = user4, user5
Deny Edit = user4, user5
Deny Delete = user4, user5
Deny Select = user4, user5
Deny CSV Import = user4, user5
This should give them the same read permissions as the logbook owners but should deny any writing operations. I recognize that this is a little bit of admin work if the lists of such "privileged readers" gets long, but each user would have his/her individual password (even the same as for access to his/her "own" logbook).
Perhaps you can give it a try. |
What a great solution, thanks Yoshio, it works a treat. |
|
65879
|
Tue May 13 16:58:40 2008 |
| Yoshio Imai | | Question | | 2.7.3-1024 | Re: Access Control |
| Grant Jeffcote wrote: | | At present we can give others a full view by adding them to the 'Users' list for each individual logbook, this unfortunately also gives them 'write' access. |
I think the solution to your problem would be to use Deny statements in the configuration sections for the logbooks.
Assume user1, user2 and user3 are in the "owners'" group of logbook1, and user4 and user5 only have "privileged read" access. Then a configuration as follows might help:
Login user = user1, user2, user3, user4, user5
Deny New = user4, user5
Deny Reply = user4, user5
Deny Duplicate = user4, user5
Deny Edit = user4, user5
Deny Delete = user4, user5
Deny Select = user4, user5
Deny CSV Import = user4, user5
This should give them the same read permissions as the logbook owners but should deny any writing operations. I recognize that this is a little bit of admin work if the lists of such "privileged readers" gets long, but each user would have his/her individual password (even the same as for access to his/her "own" logbook).
Perhaps you can give it a try. |
|
65878
|
Mon May 12 10:16:21 2008 |
 | Grant Jeffcote | grant@jeffcote.org | Question | | 2.7.3-1024 | Access Control | Hi Stefan,
We have a configuration where different sites have their own logbooks all under the same server, these are accessed by relevant parties as you might expect by selecting the appropriate tab at the top of the page.
Everyone has visibility of everyone elses logbook as a guest but we have purposely limited the 'Guest' users view (hiding the text portion etc) for various reasons.
We would now like to allow certain parties to view certain logbooks in their entirety but with a 'Read Only' view, I see this can be done but only using a common password. (Read password = <encoded password>)
At present we can give others a full view by adding them to the 'Users' list for each individual logbook, this unfortunately also gives them 'write' access. Also if they click on the tab for a logbook that they are not a 'User' for they are logged out of their existing logbook forcing them to have to log back on. If they are designated in a 'Read Only' viewers list for that logbook then their existing password would presumably be read from the global password file and they wouldn't be logged out?
I would like to be able to implement a 'Read' access view for some parties but not have a common password (use the password file?) and not force the other party to re-logon to view the other logbook.
Something like the ability to add a "Read user = <user list>" in each logbook as can be done with 'Login User' and 'Admin User' at present would be great.
Could you let me know if this is feasible please?
Many thanks in advance. |
|
65877
|
Fri May 9 14:04:42 2008 |
| Franck C | franck.c95@free.fr | Request | Windows | | Re: Can u send me the configuration file for this logbook ? |
| Stefan Ritt wrote: |
|
| Franck C wrote: |
|
Hi, I try to set up a logbook and i wanted to create something with icons (like this logbook) and it will be easier for me if i have ur config file 
Thanks a lot
Franck
|
https://midas.psi.ch/elogs/Config+Examples/2
- Stefan
|
Ok thanks... but i meant this Forum logbook... Can u give me the configuration file and the css file if i need a different one ?
thanks a lot by advance |
|
65876
|
Thu May 8 09:44:48 2008 |
| Paul O'Shaughnessy | paul_o'shaughnessy@inmarsat.com | Request | Windows | 2.7.3 | Re: Extending attribute list |
| Stefan Ritt wrote: |
|
Sorry, but teaching you how to compile C programs is beyond the scope of this forum. Please buy a book for that. Most C compilers also comes with some decent documentation. You might try gcc under cygwin or Visual C++.
|
Stefan,
Thanks for your help. Will get back to you on how compiling the program went. |
|