Pre-Define some Prperties for other Users in Limesurvey (smthn like RBAC..)

More
1 month 2 weeks ago #166612 by florianmoos
florianmoos created the topic: Pre-Define some Prperties for other Users in Limesurvey (smthn like RBAC..)
Hey everybody,
we're new to the Lime Survey CE and are currently evalutiong if this could be our future solution for internal Survey or elections.

I just want to know if it is possible to implement something like RBA(C) so we're able to prevent "normal" Users from creating Surveys with Features like "Log IP-Address" enabled?!

We're using LimeSurvey just for internal purposes but we do not want People to be able to deanonymize Survey participants by having IP-adresses, which can be easily run against the Domain DNS to get the ComputerName.

Is there something possible like this (or maybe something planned?) Or are we (IT Staff Members) forced to create the Surveys for all the People so we can Control that there are no such Features enabled?

(Little Background: We're a german governmental Organization so Data Protection Commissioner and work council want These Things not to be logged..)

If there's already a thread or feature request for stuff like that, just let me know! But I wasn't able to find something related here or in the Bug/Feature Tracker section..

Thanks for your answers.

Kind Regards
Florian

Please Log in or Create an account to join the conversation.

More
1 month 2 weeks ago #166614 by Joffm
Joffm replied the topic: Pre-Define some Prperties for other Users in Limesurvey (smthn like RBAC..)
Hi, Florian,
well, first thing.
Your "normal" users all are created by admins.
So all of them should be aware of your data protection rules.
If they do not keep to it, "Abmahnung", "Personalakte",...

Second:
There is an access control, I think you saw it already.


But what you desire is not available in LS, but as IT staff, you could create a trigger in the database to do something like that.

In the table "[prefix]_surveys" you find all interesting fields:
"anonymized"
"ipaddr"
and so on.

And the "owner_id", which shows, who created the survey.

IMO a trigger "before insert" could set all fields to your desired value.

Joffm
Attachments:
The following user(s) said Thank You: florianmoos

Please Log in or Create an account to join the conversation.

More
1 month 2 weeks ago #166639 by jelo
jelo replied the topic: Pre-Define some Prperties for other Users in Limesurvey (smthn like RBAC..)

florianmoos wrote: I just want to know if it is possible to implement something like RBA(C)

What is RBA? RBA(C)?

You might open a feature request about missing settings. To me it looks like a more granular permission system (e.g. block settings which would allow saving IP-adresses) would be the most important improvement. There are some signals that a overhaul of the permission system is on the watchlist of the developers.

There a some feature requests around improving permission system and further limits for users.
Currently you have more or less a admin-focused LimeSurvey. In a bigger organization you will end up with more than one LimeSurvey-installation. LimeSurvey.org is offering hosting to customers and they have a dedicated installation for each customer. So no multi-tenancy capability implemented at the moment.

bugs.limesurvey.org/view.php?id=12651
bugs.limesurvey.org/view.php?id=8751
bugs.limesurvey.org/view.php?id=7397
The following user(s) said Thank You: florianmoos

Please Log in or Create an account to join the conversation.

More
1 month 2 weeks ago - 1 month 2 weeks ago #166642 by orvil
orvil replied the topic: Pre-Define some Prperties for other Users in Limesurvey (smthn like RBAC..)
RBAC = Role Based Access Control see https://en.wikipedia.org/wiki/Role-based_access_control .

It is implemented in Yii2 https://yii2-cookbook.readthedocs.io/security-rbac/ and a heavy meal ;)

Best regards/Beste Grüße,
O. Villani
Last Edit: 1 month 2 weeks ago by orvil.
The following user(s) said Thank You: florianmoos

Please Log in or Create an account to join the conversation.

More
1 month 2 weeks ago #166659 by jelo
jelo replied the topic: Pre-Define some Prperties for other Users in Limesurvey (smthn like RBAC..)
Thanks. LimeSurvey is currently based on Yii1. Moving to Yii2 is on the roadmap. manual.limesurvey.org/LimeSurvey_roadmap#Planned_features

Please Log in or Create an account to join the conversation.

More
1 month 2 weeks ago #166716 by florianmoos
florianmoos replied the topic: Pre-Define some Prperties for other Users in Limesurvey (smthn like RBAC..)
Hey,

first of all: Thanks for all the quick responses! Didn't actually expected that :-)


Second:
@joffm Where do I find the Access Control? Unfortunately I did not found the view you have..
The Hint with the Database Monitoring and the trigger if some fields are set is good. Thanks.
So I think we will implement something between technical Monitoring and Rules how to set up a correct internal Survey.

Regards
Florian

Please Log in or Create an account to join the conversation.

More
1 month 2 weeks ago #166728 by Joffm
Joffm replied the topic: Pre-Define some Prperties for other Users in Limesurvey (smthn like RBAC..)
Hi,
very quick:









Best regards
Joffm
Attachments:

Please Log in or Create an account to join the conversation.

More
1 month 2 weeks ago #166784 by LouisGac
LouisGac replied the topic: Pre-Define some Prperties for other Users in Limesurvey (smthn like RBAC..)
for now the homemade LS permission system is based on users.
We planed to integrate a real RBAC permission system for ls4.

Please Log in or Create an account to join the conversation.

Start now!

Just create your account and start using Limesurvey today.

Register now
Join our Newsletter!