Is it possible to only show approved entries?

Help
2010-04-20
2013-05-28
  • Matthias Guth
    Matthias Guth
    2010-04-20

    Hi all,

    I wonder if it is possible that only approved entries are visible to "standard users" as default.
    At our institute there are a few persons ("Refbase editors") which take care of importing, adding and editing entries. Now the "standard user" which only have read acces should only see entries already approved by someone of the "Refbase Editors" group. This should be useful eg. if somebody imported a bunch of erroneous entries.

    Greetings,
    Matthias

     
  • Hi Matthias,

    I wonder if it is possible that only approved entries are visible to "standard users" as default.

    This would be a useful feature, and this feature request has come up before (in one form or the another). See e.g. this forum thread:

    https://sourceforge.net/projects/refbase/forums/forum/218758/topic/2236321

    Basically, what would be needed is record-specific permissions:

    http://www.refbase.net/index.php/Planned_feature_additions#Record-specific_permissions

    This feature was discussed quite a few times, but unfortunately nothing has been done about it yet.

    This should be useful eg. if somebody imported a bunch of erroneous entries.

    From my experience, this isn't much of an issue in praxis - especially if the refbase database is monitored closely by the editors.

    But, of course, I see the value in such a feature. Actually, I'd *love* to see this feature in refbase myself, but it's one of the larger tasks to tackle, so I fear it won't come in the near future.

    Matthias

     
  • Matthias Guth
    Matthias Guth
    2010-04-20

    Hi Matthias,

    i've got the record-specific permissions on my "ToDo" list for our institute. But - as you said - this is a big chunk so it is set to lower priority. But I will check if I'll can do this as next task.

    Since I implemented an LDAP-user- and permissionmanagement in our refbase installation (which works quite well :) ) I will have to think about how to combine user-permissions with ref-specific permissions.

    I'll keep you up-to-date on that.

    As an temporarily workaround I was thinking about modifying the SELECT clauses with an "WHERE approved = yes" if the user is not member of the refbase-user-group (LDAP-group). Therefore I could add a session variable storing the group ID for each user. This should be not that difficult to realize. The most time to spend will be on searching the right SELECT clause in the code :)

    Best,
    Matthias