Opened 6 years ago

Closed 6 years ago

Last modified 6 years ago

#528 closed enhancement (fixed)

Restrict access to some registation wizards

Reported by: Nicklas Nordborg Owned by: Nicklas Nordborg
Priority: major Milestone: Reggie v2.14
Component: net.sf.basedb.reggie Keywords:
Cc:

Description (last modified by Nicklas Nordborg)

There are currently 3 roles in reggie: admin, patient curator and all others. With few exceptions all users have access to the majority of the registration wizards. It would be useful to restrict access to some of the other wizards as well. This should be fairly easy to implement once it has been decided what additional roles that are needed and what wizards they should have access to.

We should add the following new "Roles"

  • SamplePrep: Access to "Sample processing wizards" except "Histology" which is moved to it's own box
  • Histology: Access to the Histology wizards
  • LibraryPrep: Access to "Library preparation wizards" except "Create new mRNA plate"
  • LibraryPlateDesigner: Access to the "Create new mRNA plate" wizard
  • SecondaryAnalysis: Access to the new "Secondary analysis" section that is introduced in #533 (Reggie 2.15)

For the new roles we keep the interface as it is, and only disable the links. This is different from the current way of hiding sections if a user is not "Administrator" or "PatientCurator".

Change History (8)

comment:1 Changed 6 years ago by Nicklas Nordborg

Summary: Add more user roles to ReggieRestrict access to some registation wizards

comment:2 Changed 6 years ago by Nicklas Nordborg

Description: modified (diff)
Milestone: Reggie v2.xReggie v2.14
Status: newassigned

comment:3 Changed 6 years ago by Nicklas Nordborg

Description: modified (diff)

comment:4 Changed 6 years ago by Nicklas Nordborg

(In [2157]) References #528: Restrict access to some registation wizards

Defined several new roles for Reggie. The installation wizard should install them automatically.

The index page will now start with all links disabled and ask about the permissions for the current user. Once the permissions has been retreived the links will be enabled if the user has the requested permission.

comment:5 Changed 6 years ago by Nicklas Nordborg

Resolution: fixed
Status: assignedclosed

comment:6 Changed 6 years ago by Nicklas Nordborg

(In [2158]) References #528: Restrict access to some registation wizards

Fixes an issue with an 'Administrator' not having access to any wizard.

comment:7 Changed 6 years ago by Nicklas Nordborg

(In [2161]) References #528: Restrict access to some registation wizards

Added permission checks in the POST method of servlets to make sure that users can't circomvent the client-side permission checked (which is not too difficult).

comment:8 Changed 6 years ago by Nicklas Nordborg

(In [2169]) References #528: Restrict access to some registation wizards

There was a mismatch between the name of the LibraryPrep and the check made on the index page LibPrep. As a consequence only administrators got access to the library preparation wizards.

Note: See TracTickets for help on using tickets.