[0.6.5] Administrative role able to view/edit any project?

[gwolf]

Hi,

This surely feels like a bug, but it might be part of the design criteria: An administrative user can list all of the existing projects in the system, but if he tries to edit (or view) a project he does not participate in, the system answers with an "access denied" message.

While I understand the "edit projects" role applies to own projects, perhaps a new permission "edit all projects" should be added? Or this should be seen as an extra ability of a user who has the "administration" permission?

[Eva]

You can just assign youself to any project, as an admin. This solves the problem.

[gwolf]

This patch implements what I am requesting - Of course, there might be cleaner ways to do it, maybe define a specific role for it... But this does the trick:

Code: Select all

Index: collabtive-0.6.5/include/initfunctions.php
===================================================================
--- collabtive-0.6.5.orig/include/initfunctions.php   2011-01-25 13:44:17.000000000 -0600
+++ collabtive-0.6.5/include/initfunctions.php   2011-01-25 14:39:21.000000000 -0600
@@ -26,6 +26,14 @@
     }
     else
     {
+        $role = (int) $user;
+        $sel = @mysql_query("SELECT admin FROM roles WHERE ID = $role");
+   $chk = @mysql_fetch_row($sel);
+   $adm = unserialize($chk[0]);
+   if ($adm["add"])
+   {
+       return true;
+   }
         return false;
     }
}


[gwolf]

Eva: Yes, but it's cumbersome to add myself if I just want to check a detail on it, and then re-delete myself... I think my suggested patch follows a cleaner workflow.

[fuzzy76]

I vote for this patch, It's terribly cumbersome to have to add our core developers to every single project.

[jadwight]

add me to this notion... The point of project management is to make things easier. It's not easier when you constantly have to "work-around" just to edit a project. As an administrator you should have access to everything site-wide and not have to consume your time adding yourself to a bunch of projects created by employees... does this make sense? it's like the employee has an upper hand... lol

[mroughton]

Where in the initfuctions.php file do I add this script?

[jadwight]

I also am wanting to know this... I've experimented but Dreamweaver keeps telling me there is error in it...

[mroughton]

I just tested the below script/patch and it works perfectly!

Replace the chkproject function in /include/initfunctions.php.

Code: Select all

function chkproject($user, $project)
{
$sel = @mysql_query("SELECT ID FROM projekte_assigned WHERE projekt = $project AND user = $user");
$chk = @mysql_fetch_row($sel);
$chk = $chk[0];

if ($chk != "")
{
return true;
}
else
{
$sel = @mysql_query("SELECT r.ID FROM roles_assigned ra, roles r WHERE ra.role = r.ID AND r.name = 'Admin' AND ra.user = $user");
$chk = @mysql_fetch_row($sel);
$chk = $chk[0];
if ($chk != "")
{
return true;
} else {
return false;
}
}
}
coolhands_99

Posts: 1
Joined: 12.08.2010, 09:23