Removing webtop Dashboard access permissions borks user profile editing

#1

This worked find for me. I did not have to modify core in any way to change my password while logged into the webtop.

Problems with webtop security in FC7
#2

Oh wait… I may need to remove permissions for the dashboard to get the error, no? I’ll try that one again later.

#3

OK, yeah, so if I’m logged in as a limited user w/o Dashboard permissions, I get an error about the type not being available. Maybe it is because the user doesn’t have rights to the farUser or dmProfile type?

Error & stack trace:

Message:	Typename is not available:
QueryString:	id=dashboard&typename=farUser&objectid=FD57FF40-0615-11E4-991C8C2DAA3836B5&bodyView=editOwnPassword

/Users/sean/Sites/_frameworks/FarCry/farcry-p700/packages/lib/error.cfc (line: 56)
/Users/sean/Sites/_frameworks/FarCry/farcry-p700/packages/lib/fapi.cfc (line: 1623)
/Users/sean/Sites/_frameworks/FarCry/farcry-p700/tags/webskin/view.cfm (line: 146)
/Users/sean/Sites/_frameworks/FarCry/farcry-p700/tags/webskin/view.cfm (line: 11)
/Users/sean/Sites/_frameworks/FarCry/farcry-p700/tags/webskin/view.cfm (line: 9)
/Users/sean/Sites/_frameworks/FarCry/farcry-p700/tags/webskin/view.cfm (line: 1)
/Users/sean/Sites/_frameworks/FarCry/farcry-p700/webtop/index.cfm (line: 115)
#4

Regarding the user profile / change password pages, currently they rely on the Dashboard being available (this is just the old “Overview” renamed), so removing the Dashboard tab will break things – definitely need to put it back (and give the role permission to view it if necessary).

The idea with the dashboard is that you can create dashboards appropriate to the roles in your system, so each role could have different dashboard or even multiple dashboards rather than all just sharing the same dashboard.

To remove the dashboard we’d need a way to re-home the profile pages (and ensure they could be accessed).

#5

Webtop dashboard is designed to be always present, and easily configurable for roles:
Webtop Dashboard Views

It makes a lot of sense to be able to home universal features like personal profile management under this node. I’m not sure if there is a pragmatic alternative to this.

Perhaps we should be blocking admins from being able to modify permissions on the Dashboard node entirely.

#6

My clients definitely like having some of their users (or groups of users) to only have simple access to edit a single custom type (or two) and nothing special like a dashboard. There are plenty of cases where having the custom dashboard is awesome, but not always. So if we can leave this as optional in FarCry like it is now in FC7 (except without the bug) then it definitely make a lot of users happy.

For now all of my clients continue to use the simple hack I mentioned above which works just fine. I’m just worried that something will change in core in the future that will make this feature go away.

#7

Dashboard is just the new name for the old “Overview” tab.

Did you previously hide the Overview tab from users? AFAIK it was the only place where the user could go to update their profile or change their password, and this is still the case in FC7 (i.e. those forms are still rendered in the context of the Dashboard aka “Overview” tab). Without it we don’t really have a global tab context to bind to.

#8

Yes, I always had to leave it pre-FC7. I see your dilemma though. Oh well. It was definitely nice being able to disable the dashboard for certain users who just needed to simply modify a single type.

Unless there is a way to bind it to a dormant tab that is needed when the overview/dashboard tab isn’t available I guess we are only left with two options:

  1. Don’t allow the ability to disable the dashboard.
  2. or (referring to Geoff’s screenshot above) add a checkbox for “change password” under the access permissions as a child element under Dashboard (if left unchecked, the “change password” link in the header disappears). This would still allow us to disable the dashboard if we desired, but without the option to allow users to change their password.