softwords / pineapples / issues / #1018 - Make all dashboards public [2021:HPR] — Bitbucket

Issue #1018 resolved

Ghislain Hachey created an issue 2021-02-25

Ideally no login is required to view all the dashboards. Something like an anonymous user.

Comments (10)

Ghislain Hachey reporter
- changed title to Make all dashboards public [2021:HPR]
- 2021-05-07T07:32:23+00:00
Brian Lewis repo owner
Quite a lot of issues to address in this…. how to indicate an ‘anonymous’ user?, where does their menu come from? how to restrict what they can see and do?

Steps to make this work:
1. turn on ‘Public Access’
create the key ‘allowPublicAccess’ value = “1” in web.config AppSettings
```
    <add key="allowPublicAccess" value="1"/>
```
‌

2. Create Menu options for public states.

ui-router states have been added for Public access. These include dashboards, and indicator states. To access these they need to be defined in Navigation in IdentitiesP.

Use this script:

begin transaction

Select * from Navigation

DELETE from Navigation
WHERE id like 'public%'

INSERT INTO Navigation
(id
, icon
, label
, state
, children
, note
)
Select 'public.' + id
, icon
, label
, replace(state,'site.indicators','public.indicators')
, replace(children,'indicators.','public.indicators.')
, note
FROM Navigation
WHERE id like 'indicators%'

INSERT INTO Navigation
(id, icon, label, state)
VALUES ('public.dashboards.schools','pie-chart', 'Schools','public.dashboards.schools')
, ('public.dashboards.teachers','pie-chart', 'Teachers','public.dashboards.teachers')
, ('public.dashboards.exams','pie-chart', 'Exams','public.dashboards.exams')

INSERT INTO Navigation
(id, icon, label, children)
VALUES ('public.dashboards','pie-chart', 'Dashboards','public.dashboards.schools|public.dashboards.teachers|public.dashboards.exams')
, ('PUBLIC','pie-chart', 'Public Access','public.indicators.miemis|public.dashboards')

Select * from Navigation
rollback

and set the public.indicators.miemis node to the set of indicators you want ( and commit!)

‌

‌
- 2021-09-28T01:18:25+00:00
Brian Lewis repo owner
Step 2a: Configure the PUBLIC Navigation node.

This navigation menu named PUBLIC is loaded for any Public Access. I should only contain children that point to the public states (public.dashboards. public.indicators.) otherwise they will fail as not authorized and throw you back to the signin page.

‌
- 2021-09-28T01:20:37+00:00
Brian Lewis repo owner
At this point it will be good to go:

when allowPublicAccess as per 1) in web.config, you get a public access button on signin:

‌
- 2021-09-28T01:22:36+00:00
Brian Lewis repo owner
Follow Public Access and you go to Public Access home page, with PUBLIC menu in the navigation bar:

‌
- 2021-09-28T01:24:20+00:00
Brian Lewis repo owner
You have signin available instead of current user options in title bar:

‌
- 2021-09-28T01:26:26+00:00
Brian Lewis repo owner
Security Notes:

No authentication token is ever issued by the server in Public Access mode. So, only REST endpoints that allow unauthenticated access can be accessed.

The permissions settings by Topic and Level (eg. School.ReadX, Exams.Admin etc) are all 0 ie there are no permissions available.

If the anonymous user tries to navigate to a protected page (e.g. /schools.list) then they will be returned to the signin page.

‌
- 2021-09-28T01:32:03+00:00
Brian Lewis repo owner
- changed status to resolved
feat(public access) Support unauthenticated 'public' access

Resolves ~~#1018~~

→ <<cset a6fac9d4cd07>>
- 2021-09-28T01:49:40+00:00
Brian Lewis repo owner
feat(publicaccess): typescript components

Resolves ~~#1018~~

→ <<cset 89511d52fa77>>
- 2021-10-05T02:24:16+00:00
Brian Lewis repo owner
feat(publicaccess): controller Resolves ~~#1018~~

→ <<cset 819e006a30b2>>
- 2021-10-05T02:29:51+00:00
Log in to comment

Assignee: Brian Lewis

Type: task

Priority: major

Status: resolved

Votes: 0

Watchers: 2

Jira: the preferred issue tracker for Bitbucket. Join the team!