Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

pkp/pkp-lib#9658 user access table and table actions #437

Open
wants to merge 13 commits into
base: main
Choose a base branch
from

Conversation

ipula
Copy link
Contributor

@ipula ipula commented Oct 28, 2024

No description provided.

@ipula ipula force-pushed the ipula/9658-users-table branch from 0c80398 to cdde464 Compare November 1, 2024 12:01
@ipula ipula changed the title user access table and table actions pkp/pkp-lib#9658 user access table and table actions Nov 1, 2024
@jardakotesovec
Copy link
Collaborator

@withanage @ipula Whats missing is to determine which actions would be available to current user. Here is the logic from original table https://github.com/pkp/pkp-lib/blob/72087f4dabb1e80629b33639e3568501fd309fe2/controllers/grid/settings/user/UserGridRow.php#L84

Most complex likely is LoginAs. For that I would ask Hafsa, whether she could introduce it to the /users endpoint as well, because she worked on the reviewers - pkp/pkp-lib#10290

But meanwhile check whether the other checks (for other actions) would be easy to implement client side or whether there is also some additional complexity, where you don't have enough information client side and it would be necessary to calculate it server side.

@ipula
Copy link
Contributor Author

ipula commented Nov 18, 2024

@withanage @ipula Whats missing is to determine which actions would be available to current user. Here is the logic from original table https://github.com/pkp/pkp-lib/blob/72087f4dabb1e80629b33639e3568501fd309fe2/controllers/grid/settings/user/UserGridRow.php#L84

Most complex likely is LoginAs. For that I would ask Hafsa, whether she could introduce it to the /users endpoint as well, because she worked on the reviewers - pkp/pkp-lib#10290

But meanwhile check whether the other checks (for other actions) would be easy to implement client side or whether there is also some additional complexity, where you don't have enough information client side and it would be necessary to calculate it server side.

We can check current user id matching with the userId in the actions in vuejs side and hide the actions that not allowed to by the same user.

@ipula
Copy link
Contributor Author

ipula commented Dec 6, 2024

@jardakotesovec I added the permission check on the loginAs and mergeUser based on pkp/pkp-lib#10658. Please have a look

@ipula ipula force-pushed the ipula/9658-users-table branch from fdfa394 to f286ca7 Compare January 7, 2025 13:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants