Joomla! Issue Tracker - CMS

Download
Launch
Feeling Lucky

[#22239] - [modules] - only for superadmin eyes

? ? Pending

User tests: Successful: Unsuccessful:

avatar alikon
alikon
18 Sep 2018

Pull Request for Issue #22236.

Summary of Changes

  • module mod_latestactions
  • module mod_privacy_dashboard

are for superadmin eyes only

Testing Instructions

see #22236

Expected result

only superadmin can see data

Actual result

administrators can see these 2 privacy tools modules data

avatar alikon alikon - open - 18 Sep 2018
avatar alikon alikon - change - 18 Sep 2018
Status New Pending
avatar joomla-cms-bot joomla-cms-bot - change - 18 Sep 2018
Category Modules Administration
avatar alikon alikon - change - 18 Sep 2018
The description was changed
avatar alikon alikon - edited - 18 Sep 2018
avatar alikon alikon - change - 18 Sep 2018
Labels Added: ?
avatar Sandra97
Sandra97 - comment - 19 Sep 2018

The short link to the Privacy Information Requests should probably also be hidden for non Super Users as they're not allowed to see the screen?
index

avatar roland-d
roland-d - comment - 19 Sep 2018

I wonder if we should have a new ACL setting for privacy. In that sense a security officer can have access to this without needing super user priviliges.

avatar mbabker
mbabker - comment - 19 Sep 2018

I wonder if we should have a new ACL setting for privacy. In that sense a security officer can have access to this without needing super user priviliges.

You can't without having potential ACL bypass scenarios come up for that role. See #20281 (comment) for additional details.

avatar brianteeman
brianteeman - comment - 25 Sep 2018

I have tested this item successfully on 8dfb8ff

This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/22239.

avatar brianteeman brianteeman - test_item - 25 Sep 2018 - Tested successfully
avatar csthomas
csthomas - comment - 25 Sep 2018

I have tested this item successfully on 8dfb8ff

At the moment it's OK, but in the future there should be a more advanced solution.

This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/22239.

avatar csthomas csthomas - test_item - 25 Sep 2018 - Tested successfully
avatar Quy Quy - change - 25 Sep 2018
Status Pending Ready to Commit
avatar Quy
Quy - comment - 25 Sep 2018

RTC

This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/22239.

avatar Quy
Quy - comment - 25 Sep 2018

@alikon Please merge alikon#46 to fix the issue pointed out by @Sandra97 Thanks

avatar alikon alikon - change - 25 Sep 2018
Labels Added: ?
avatar joomla-cms-bot joomla-cms-bot - change - 25 Sep 2018
Category Modules Administration Modules Administration Front End Plugins
avatar alikon
alikon - comment - 25 Sep 2018

thank you @Quy merged
please @Sandra97 et all re-test

avatar Quy Quy - change - 25 Sep 2018
Status Ready to Commit Pending
avatar Quy
Quy - comment - 25 Sep 2018

Remove RTC

This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/22239.

avatar Sandra97
Sandra97 - comment - 25 Sep 2018

I have tested this item successfully on 71f57b5

All works fine for me.
Good bye "unknown requests" for non Super Users;)
Thanks Nicola.

This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/22239.

avatar Sandra97 Sandra97 - test_item - 25 Sep 2018 - Tested successfully
avatar infograf768
infograf768 - comment - 26 Sep 2018

I have tested this item successfully on 71f57b5

This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/22239.

avatar infograf768 infograf768 - test_item - 26 Sep 2018 - Tested successfully
avatar infograf768
infograf768 - comment - 26 Sep 2018

Note: it works but an administrator may still edit the modules themselves

avatar csthomas
csthomas - comment - 26 Sep 2018

IMO this solution is temporary.

There should be a permission table who can create module, who edit, etc.
Similar to components, we need access.xml for modules.

avatar infograf768 infograf768 - change - 26 Sep 2018
Status Pending Ready to Commit
Labels
avatar infograf768
infograf768 - comment - 26 Sep 2018

RTC

This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/22239.

avatar mbabker mbabker - change - 2 Oct 2018
Status Ready to Commit Fixed in Code Base
Closed_Date 0000-00-00 00:00:00 2018-10-02 16:13:43
Closed_By mbabker
Labels
avatar mbabker mbabker - close - 2 Oct 2018
avatar mbabker mbabker - merge - 2 Oct 2018

Add a Comment

Login with GitHub to post a comment