user access and rights

  • Florence I.T.

    Florence I.T. - 2005-06-20

    I have security setup the way I want it, users cannot see each other projects, etc.. but:

    Is there a further way to limit users from seeing each other in the global users list? I don't see a way to disable that. If there is no allowance for securing that list I think maybe disbaling that whoil menu option would be sufficient if I knew where to look. Or perhaps theres a better way to hide that view?

    Really great piece of software I have to say!!


    • Martin Vernooij

      Martin Vernooij - 2005-06-20

      Thanks for the feedback. :-))

      OPT is originally developed with the idea everyone can see everyone. Based on the more recent developments in the Internet world, that's maybe no longer applicable and should be reconsidered. Anyway, if you don't want to see other groups, you can set the variable:
      "hide_other_groups_from_all_but_first_group" to 1 (Admin->Settings). It still shows you the users, but you cannot click on them anymore. It will show the emaill address though.

      If you want it completely different, you'll need to go to
      <install_dir>/opt/people/ and you will find a file called index.php. You could remove the column (or blank it) for the email address.

      But then you have to fiddle around with the php code to display what you want.

      My 1st idea is to change  line 30, where it reads:
        $result = crm_elements("people", "order by $order_by $order");

      Create your own query, either by staying with the crm_elements function, or replacing it all together. But beware, that if you create you're own SQL query, even the admin will not see the user list.

      Goodluck, Martin

    • Florence I.T.

      Florence I.T. - 2005-06-22

      That does work, thanks, however:

      Ive noticed that i can see the full user info in the people-groups view as well. .
      Ive messed with the php (i don;t know php other than whats obviois by looking at the code) enough to disable that list under people-users, which is sufficient for my needs. I also could do the same for the groups list i suppose in the same way you have instructed. Ill try that as well. this might be worth leanrning some phop sdo i could get this to check user access (if i had time!). in the meantime i might just disable both listings.. thanks!


Log in to post a comment.