Is it correct that any user can edit any reference? If so, is it possible to disable this feature such that:
1. The administrator can edit all references,
2. Only the user that submitted the entry can edit it?
Yes-anyone can edit any reference.
Matthias replied in the previous thread in this forum that management of permissions on a per-user basis was a future goal of the project.
Until then, a quick-and-dirty work-around for the current codebase would be to modify the source so that it stores the name of the user who submitted the entry in a field (I'd probably put some mark in the User Notes field). Then, before you allow editing, perform a simple check that this field confirms originatorship by the logged in user or that the person is the administrator. The downside is that if user modifications to this field could lock any except for the admin from being able to edit the record. Of course the upside is that, depending on how you implement this, you can also assign the right to edit to additional users. If the downside is too great, you can further modify the source so that the field isn't editable by anyone except for the admin.
I'm certain that there are better implementations, but this one would be a fairly simple change.
Thanks for the comment. I thought about modifying the code. If I would do that, I would like to do it such a way that it will be included in your project - thereby keeping my version updateable.
But first I have to ask my boss if he is willing to give me time for this.
Log in to post a comment.
Sign up for the SourceForge newsletter:
You seem to have CSS turned off.
Please don't fill out this field.