Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[admin] Allow non-superadmins to manage their own users #32

Closed
5 tasks done
nemesifier opened this issue Sep 28, 2018 · 2 comments
Closed
5 tasks done

[admin] Allow non-superadmins to manage their own users #32

nemesifier opened this issue Sep 28, 2018 · 2 comments
Assignees
@atb00ker
Labels
enhancement help wanted

Comments

@nemesifier
Copy link
Member

nemesifier commented Sep 28, 2018
edited
Loading

Users which are not a superadmins but have permissions to edit users should work be able to do so in the following way:

  • should be able to see and edit users of the organizations they are member of
  • should not be able to see is_superuser column in list
  • should not be able to see is_superuser field in change form (now is readonly)
  • should be able to add new users but only set them as members of their organization
  • when editing, they shouldn't be able to set users as members of other organizations they are not member of, actually the organization select should only allow them to select one of their orgs

I started some of this in branch https://github.com/openwisp/openwisp-users/tree/issues/32 but I don't have time to finish all these items, help is greatly appreciated.

EDIT: follow up with list of things done and to do on #38
nemesifier added a commit that referenced this issue Sep 28, 2018
@nemesifier
[admin] non-superusers should only see users of their org #32
71c2efa 
Needs automated tests
@nemesifier nemesifier changed the title [admin] Allow operators (non-superadmin) to manage their own users [admin] Allow non-superadmin to manage their own users Sep 28, 2018
@nemesifier nemesifier changed the title [admin] Allow non-superadmin to manage their own users [admin] Allow non-superadmins to manage their own users Sep 28, 2018
nemesifier added a commit that referenced this issue Sep 28, 2018
@nemesifier
[admin] non-superusers should only see users of their org #32
75b020e 
Needs automated tests
@nemesifier nemesifier mentioned this issue Oct 4, 2018
Closed
@atb00ker atb00ker self-assigned this Oct 6, 2018
atb00ker pushed a commit to atb00ker/openwisp-users that referenced this issue Oct 6, 2018
@nemesifier @atb00ker
[admin] non-superusers should only see users of their org openwisp#32
feb0d2c 
Needs automated tests
@atb00ker
Copy link
Member

atb00ker commented Oct 6, 2018
edited
Loading

  1. Should other organisations be visible to operators?
  2. Should operator be allowed to see other organisation owners?
  3. However users are not visible to operator from User list but still visible from Organization users, i think that's unintentional, right? i should implement get_queryset logic for Organization user as well, right?

atb00ker pushed a commit that referenced this issue Oct 6, 2018
@nemesifier @atb00ker
[admin] non-superusers should only see users of their org #32
2c02f93 
Needs automated tests
@nemesifier
Copy link
Member Author

@atb00ker:

Premise, I forgot to tell you I found out this issue: openwisp/openwisp-utils#14
I think it makes more sense to keep the multi-tenancy features (and their tests) in this module rather than openwisp-utils, keep in mind this when working on this issue because you may likely have to edit some of that code.

I was writing a very long reply but I wanted to shorten it: I think I'm either misunderstanding you or something may not be clear.
In this issue I want to focus on openwisp_users.admin.UserAdmin, the other admin classes like OrganizationAdmin, OrganizationUserAdmin, OrganizationOwnerAdmin are restricted (at the moment I always do this manually but with #31 we'll start automating this), I mean usually operators cannot manipulate the models of those admin classes. We can and we should make also those admin classes multitenant but we can work on it in a separate issue or make it a GCI task because it's not very urgent.

f I misunderstood something or something is not clear let me know.

atb00ker pushed a commit that referenced this issue Oct 7, 2018
@nemesifier @atb00ker
[admin] non-superusers should only see users of their org #32
55ad1b3 
Needs automated tests
@atb00ker atb00ker mentioned this issue Oct 8, 2018
Merged
7 tasks
atb00ker pushed a commit to atb00ker/openwisp-users that referenced this issue Oct 24, 2018
@nemesifier @atb00ker
[admin] non-superusers should only see users of their org openwisp#32
5c544f7 
Needs automated tests
atb00ker added a commit that referenced this issue Oct 24, 2018
@atb00ker
[enchancement] hide other org content from operators #32
cc30384 
- operator is able to see and edit users of the organizations
in which they are admin
- `is_superuser` column hidden in list view
- `is_superuser` column hidden in add/change view
- operator is only able to add/change users in
their own organization organization

Closes #32
atb00ker added a commit that referenced this issue Oct 24, 2018
@atb00ker
[enchancement] hide other org content from operators #32
c3e483d 
- operator is able to see and edit users of the organizations
in which they are admin
- `is_superuser` column hidden in list view
- `is_superuser` column hidden in add/change view
- operator is only able to add/change users in
their own organization organization

Closes #32
atb00ker added a commit that referenced this issue Oct 24, 2018
@atb00ker
[admin] hide other org content from operators #32
131f4c7 
- operator is able to see and edit users of the organizations
in which they are admin
- `is_superuser` column hidden in list view
- `is_superuser` column hidden in add/change view
- operator is only able to add/change users in
their own organization organization

Closes #32
atb00ker added a commit that referenced this issue Oct 24, 2018
@atb00ker
[admin] hide other org content from operators #32
6616207 
- operator is able to see and edit users of the organizations
in which they are admin
- `is_superuser` column hidden in list view
- `is_superuser` column hidden in add/change view
- operator is only able to add/change users in
their own organization organization

Closes #32
atb00ker pushed a commit that referenced this issue Oct 24, 2018
@nemesifier @atb00ker
[admin] non-superusers should only see users of their org #32
e6b367a 
Needs automated tests
atb00ker added a commit that referenced this issue Oct 24, 2018
@atb00ker
[admin] hide other org content from operators #32
4552a07 
- operator is able to see and edit users of the organizations
in which they are admin
- `is_superuser` column hidden in list view
- `is_superuser` column hidden in add/change view
- operator is only able to add/change users in
their own organization organization

Closes #32
atb00ker added a commit that referenced this issue Oct 25, 2018
@atb00ker
[admin] hide other org content from operators #32
fa7dddb 
- operator is able to see and edit users of the organizations
in which they are admin
- `is_superuser` column hidden in list view
- `is_superuser` column hidden in add/change view
- operator is only able to add/change users in
their own organization organization

Closes #32
nemesifier added a commit that referenced this issue Oct 26, 2018
@nemesifier
Merge pull request #38 from /issues/32
ff9f97d 
[multi-tenancy] Hide content from operators #32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@atb00ker atb00ker

Labels
enhancement help wanted
Projects
OpenWISP Contributor's Board
Archived in project
Milestone
No milestone
Development

No branches or pull requests
2 participants
@nemesifier @atb00ker