Base solution for your next web application
Ends in:
01 DAYS
01 HRS
01 MIN
01 SEC
Open Closed

Users permissions - problems... ideas / wishes #8327


User avatar
1
deltavision created

Hi,

using: Core, MVC, jQuery project - v7.2.2 just a couple of wishes - for the ANZ framework :-)

"Changing permissions" with this disabled for at user - they can still, change (remove/add) roles to users - this should not be possible I think.

"Login as this user" with this enabled - it can be used to login as Admin - and thereby change permission on other users.

Info:


8 Answer(s)
  • User Avatar
    0
    ismcagdas created
    Support Team

    Hi @deltavision

    Couldn't undertstand #1 :), sorry. For #2, I'm not sure. We have to think about it. Adding a second permission could work. You can also do it in your app if that is urgent for you.

  • User Avatar
    0
    deltavision created

    Hi @ismcagdas

    Re.1 If you assign the permissions "Editing user" (or "Creating new user") - but not the "Changing permissions" Then the user can edit/create user (that's ok) - but they can and also assign roles or remove roles (giving a user more or less permissions).

    Re.2 OK

  • User Avatar
    0
    ismcagdas created
    Support Team

    Hi @deltavision

    Thanks, got it. I will create an issue on GitHub and reference it here.

    Thanks again.

  • User Avatar
    0
    ismcagdas created
    Support Team

    This issue is closed because of no recent activity. Please create a new issue if you are still having this problem.

  • User Avatar
    0
    deltavision created

    Hi ismcagdas

    is there a GitHub issue on this?

  • User Avatar
    0
    ismcagdas created
    Support Team

    @deltavision I will check and get back to you.

  • User Avatar
    0
    deltavision created

    Hi @ismcagdas

    any news on these issues :-)

  • User Avatar
    0
    ismcagdas created
    Support Team

    Hi @deltavision

    We couldn't reproduce this on AspNet Zero. Is it possible for you to share your project via email with [email protected] ?

    Thanks,