Restrictions in user management

Create issue
Issue #122 new
Former user created an issue

At this time every user who can create new users can also create an administrator with full rights. Maybe it would be better if a user could only create users with the same or less rights.

One part would be the role of the user: - administrator can create every role - developer can create developers and users - user can only create users (imho this would be logical and has no negative effects)

The other part would be the permissions of the users like "edit properties" or command line access.

Comments (2)

  1. Oliver Schwanke

    Okay, usermanagement and user’s rights would be handled more easily on a OS level, i think.

    So what’s the point in having OS users AND itom users?

    I think it would be cool to be able to manage file/rights on OS level(say, which pyScripts etc can be read/(executed) and so on

    And maybe manage a venv with the itom users. This would make itom a more sophisticated python IDE.

    But settings would have to be stored on a per-user(OS) basis, e.g. in ~/.itom or so… And maybe concat it with the currently used itomSettignsfiles in SDK/../itomSettings

  2. M. Gronle

    A couple of weeks ago I read a little bit about the Python virtual environments. As far as I have seen, this is not so easy to implement for embedded Python, that is used within itom.

    In general I am open to change the editing rights for non-admin users, as proposed by David, but we can also mix it up with OS-dependent user restrictions.

    Maybe you can make an internal brainstorming again about things, that should be changed in the user management dialog in itom, considerding other existing possibilities. Then we can implement them.



  3. Log in to comment