Welcome to the LimeSurvey Community Forum

Ask the community, share ideas, and connect with other LimeSurvey users!

Pre-Define some Prperties for other Users in Limesurvey (smthn like RBAC..)

  • florianmoos
  • florianmoos's Avatar Topic Author
  • Offline
  • New Member
  • New Member
More
5 years 11 months ago #166612 by florianmoos
Hey everybody,
we're new to the Lime Survey CE and are currently evalutiong if this could be our future solution for internal Survey or elections.

I just want to know if it is possible to implement something like RBA(C) so we're able to prevent "normal" Users from creating Surveys with Features like "Log IP-Address" enabled?!

We're using LimeSurvey just for internal purposes but we do not want People to be able to deanonymize Survey participants by having IP-adresses, which can be easily run against the Domain DNS to get the ComputerName.

Is there something possible like this (or maybe something planned?) Or are we (IT Staff Members) forced to create the Surveys for all the People so we can Control that there are no such Features enabled?

(Little Background: We're a german governmental Organization so Data Protection Commissioner and work council want These Things not to be logged..)

If there's already a thread or Feature request for stuff like that, just let me know! But I wasn't able to find something related here or in the Bug/Feature Tracker section..

Thanks for your answers.

Kind Regards
Florian
The topic has been locked.
  • Joffm
  • Joffm's Avatar
  • Offline
  • LimeSurvey Community Team
  • LimeSurvey Community Team
More
5 years 11 months ago #166614 by Joffm
Hi, Florian,
well, first thing.
Your "normal" users all are created by admins.
So all of them should be aware of your data protection rules.
If they do not keep to it, "Abmahnung", "Personalakte",...

Second:
There is an access control, I think you saw it already.


But what you desire is not available in LS, but as IT staff, you could create a trigger in the database to do something like that.

In the table "[prefix]_surveys" you find all interesting fields:
"anonymized"
"ipaddr"
and so on.

And the "owner_id", which shows, who created the survey.

IMO a trigger "before insert" could set all fields to your desired value.

Joffm

Volunteers are not paid.
Not because they are worthless, but because they are priceless
The following user(s) said Thank You: florianmoos
The topic has been locked.
More
5 years 11 months ago #166639 by jelo

florianmoos wrote: I just want to know if it is possible to implement something like RBA(C)

What is RBA? RBA(C)?

You might open a feature request about missing settings. To me it looks like a more granular permission system (e.g. block settings which would allow saving IP-adresses) would be the most important improvement. There are some signals that a overhaul of the permission system is on the watchlist of the developers.

There a some feature requests around improving permission system and further limits for users.
Currently you have more or less a admin-focused LimeSurvey. In a bigger organization you will end up with more than one LimeSurvey-installation. LimeSurvey.org is offering hosting to customers and they have a dedicated installation for each customer. So no multi-tenancy capability implemented at the moment.

bugs.limesurvey.org/view.php?id=12651
bugs.limesurvey.org/view.php?id=8751
bugs.limesurvey.org/view.php?id=7397

The meaning of the word "stable" for users
www.limesurvey.org/forum/development/117...ord-stable-for-users
The following user(s) said Thank You: florianmoos
The topic has been locked.
More
5 years 11 months ago - 5 years 11 months ago #166642 by orvil
RBAC = Role Based Access Control see en.wikipedia.org/wiki/Role-based_access_control .

It is implemented in Yii2 yii2-cookbook.readthedocs.io/security-rbac/ and a heavy meal ;)

Best regards/Beste Grüße,
O. Villani
Last edit: 5 years 11 months ago by orvil.
The following user(s) said Thank You: florianmoos
The topic has been locked.
More
5 years 11 months ago #166659 by jelo
Thanks. LimeSurvey is currently based on Yii1. Moving to Yii2 is on the roadmap. manual.limesurvey.org/LimeSurvey_roadmap#Planned_features

The meaning of the word "stable" for users
www.limesurvey.org/forum/development/117...ord-stable-for-users
The topic has been locked.
  • florianmoos
  • florianmoos's Avatar Topic Author
  • Offline
  • New Member
  • New Member
More
5 years 11 months ago #166716 by florianmoos
Hey,

first of all: Thanks for all the quick responses! Didn't actually expected that :-)


Second:
@joffm Where do I find the Access Control? Unfortunately I did not found the view you have..
The Hint with the Database Monitoring and the trigger if some fields are set is good. Thanks.
So I think we will implement something between technical Monitoring and Rules how to set up a correct internal Survey.

Regards
Florian
The topic has been locked.
  • Joffm
  • Joffm's Avatar
  • Offline
  • LimeSurvey Community Team
  • LimeSurvey Community Team
More
5 years 11 months ago #166728 by Joffm
Hi,
very quick:

[hr]

[hr]

[hr]
Best regards
Joffm

Volunteers are not paid.
Not because they are worthless, but because they are priceless
The topic has been locked.
  • LouisGac
  • LouisGac's Avatar
  • Visitor
  • Visitor
5 years 11 months ago #166784 by LouisGac
for now the homemade LS permission system is based on users.
We planed to integrate a real RBAC permission system for ls4.
The topic has been locked.

Lime-years ahead

Online-surveys for every purse and purpose