#2043 closed enhancement (fixed)
Activating/deactivating roles on the fly in a login session
Reported by: | Nicklas Nordborg | Owned by: | Nicklas Nordborg |
---|---|---|---|
Priority: | major | Milestone: | BASE 3.11 |
Component: | core | Version: | |
Keywords: | Cc: |
Description (last modified by )
A user with multiple roles should be able to select which roles should be active during a session. For example, a user that is also an "Administrator" might want to disable the "Administrator" role until it is needed.
Which roles should be active after logging in? There are a number of possible options:
- It is automatically remembered per user.
- A configuration option for each role that forces a role to be either active or not.
- A combination of 1 and 2. Some roles are forced, some are remembered.
- As 3 but each user is allowed to configure which roles that should be active or not.
To preserve backwards compatibility, lack of configuration settings must mean that all roles are active.
UPDATE The final implementation is different from all of the above alternatives. The default setting is that all roles are active after logging in. A user may choose that some roles should be inactive after logging in (BASE -> Preferences -> Inactive roles dialog). Changes during the session are not remembered.
Change History (7)
comment:1 by , 8 years ago
Milestone: | BASE Future Release → BASE 3.11 |
---|
comment:2 by , 8 years ago
comment:3 by , 8 years ago
comment:4 by , 8 years ago
Owner: | changed from | to
---|---|
Status: | new → assigned |
comment:5 by , 8 years ago
comment:6 by , 8 years ago
Description: | modified (diff) |
---|---|
Resolution: | → fixed |
Status: | assigned → closed |
(In [7294]) References #2043: Activating/deactivating roles on the fly in a login session
Implemented support for setting a role as inactive in the core. New public methods are in the
SessionControl
class.The
getRoles()
method has been deprecated and replaced with other methods (since this method return ALL roles including inactive). Code that uses this method for permission checking may experiencePermissionDeniedExceptions
if a users has de-activated a role.The "User" menu to the far right has been updated to include a section with roles where the user can toggle the active/inactive status.
The settings are not (yet) remebered between sessions. All roles start out in the active state after logging in.