New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Roles and Permissions #803
base: develop
Are you sure you want to change the base?
Conversation
…caping Do not escape html for post order message
Fix XSS and 500 error if version check fails
Corrected 500 internal server error in accessing Account Settings in top right dropdown options, caused by Validator being used when already in use within the same controller (app/Http/Controllers/ManageAccouuntController.php). No problems seem to be caused by this fix.
Update ManageAccountController.php
d0b1b56
to
7d5da34
Compare
@etiennemarais This is slightly outside of the scope of this original dev, but would it be worth considering adding an additional level of user? I was thinking a booking contact, or similar role. It could be used by others down the line for allowing user registration for orders, and then logging in to view their order history for events, or for secure order changes such as for #858. |
@etiennemarais I'm loving this feature. I put an issue up a while back that this relates to #800. From what I can see this feature helps towards this, but I don't think fully does. From what I can see a super admin can view all organizers, but there isn't a way to have the same abilities as the super admin, but limit the user to just one organizer. Does that make sense? My ideal is for a universal super admin that can access all organizers, and for there to then be a super admin that can be restricted to a selected organizer. There might be a better term for the latter option, but I use it to detail the type of access it should have. Currently when you create a user you can specify the organiser which then determines access. Would it be helpful for this to determine for the Super Admin access I've mentioned? It could be listed as a dropdown in the user panel, with a 'Access All' for the main Super User. |
Any progress on this being reviewed and merged? |
Yes, my goal is to get it into the next release going out in May. @justynpride @publicarray have you both been using this feature in production for a while now? It works fine so far from what you've seen? |
@johannac That's helpful to know. Thanks for all you do on this project. I've not been using this in production yet. I've just had another more thorough review of it. From what I can see and test it works as you expect. However if you have multiple organizations using the system then this won't quite work as you might want it to. Basically you want the main organiser account to only be able to see and manage the users for their organization. I just realized that a super admin can see and edit the users for other organizations. A couple of helpful features for the future could be:
|
Also tested this feature, planning to use in staging for a while.
Other than these |
@quentincaffeino personally I’d love to see this feature merged in, especially once some of these items have been addressed. Those items are to reduce end user frustration! One thing I’d love to see is a booking contact level so that a user can log in and make orders and review previous orders, in the same way that you can with Eventbrite and other systems. It feels like a next obvious use for this feature. |
Sorry, my bad, updating works. Forgot to rebuild js. |
…ermissions-deleting-users
…sions-deleting-users Roles and Permissions: Deactivate, Restore, Delete and send invitations to users
@quentincaffeino @justynpride just checking -- apart from general QA and testing, there is only 1 outstanding functionality issue with this system which was originally noted here (#957 (comment)) which is what to do about the Super Admin role and determining how it should work across repositories -- is that right? |
From my perspective that is correct. Thanks for looking at this. |
Tbh don't remember because I haven't touched Attendize since 2021 |
Did this get pushed to the main stream? Im not seeing these changes in the current build that I have. Is there a way I need to enable them? Thanks! |
Summary
We wanted to have a basic set of user roles and permissions to allow for varying behaviour of the system based on a user's assigned role and/or permissions.
Story map and permission's list
Use cases
Roles/Permissions list
Changes
user
role to them,super admin
needs to be assigned manuallycan manage events
permission to users based on clicking the checkboxDemo
If you want to test and check out the branch you can run these commands to get you started on a fresh database:
composer install php artisan migrate:refresh --seed && php artisan db:seed --class=RolesPermissionsLocal
That will demo seed a bunch of users to try out with their roles already set (we don’t have a dedicated UI for them yet)
Screenshots
Can toggle the role and extended permissions
Can select the organiser this user belongs to as well as the Role
The whole new Role/Permission assignment UI - Only available to super admins