- Posts: 12
- Thank you received: 1
Welcome to the LimeSurvey Community Forum
Ask the community, share ideas, and connect with other LimeSurvey users!
Several problems with user permissions since upgrade to 2.50+160829
- fpicabia
- Topic Author
- Offline
- New Member
Less
More
7 years 6 months ago #141181
by fpicabia
Several problems with user permissions since upgrade to 2.50+160829 was created by fpicabia
We upgraded Lime Survey from 2.05+ to 2.50 and initially testing seemed fine. The database update seemed to work OK.
Now we noticed some users have LDAP authentication turned off.
Some users have the top level "create surveys" permission enabled, which gives them
access to surveys they have no right to see with data owned by other people.
Also, the feature to auto create users who sign in over LDAP doesn't seem to work ("credentials are valid but we failed to create a user" appears on the screen).
Are there solutions to these problems or should we restore 2.05?
Now we noticed some users have LDAP authentication turned off.
Some users have the top level "create surveys" permission enabled, which gives them
access to surveys they have no right to see with data owned by other people.
Also, the feature to auto create users who sign in over LDAP doesn't seem to work ("credentials are valid but we failed to create a user" appears on the screen).
Are there solutions to these problems or should we restore 2.05?
The topic has been locked.
- Mazi
- Offline
- Official LimeSurvey Partner
7 years 6 months ago #141204
by Mazi
Best regards/Beste Grüße,
Dr. Marcel Minke
Need Help? We offer professional Limesurvey support: survey-consulting.com
Contact: marcel.minke(at)survey-consulting.com
Replied by Mazi on topic Several problems with user permissions since upgrade to 2.50+160829
As for the permissions: There have been some changes (see up to date documentation at
manual.limesurvey.org/Manage_users#Setti...rmissions_for_a_user
).
If a user has the global right to VIEW surveys, they can see all surveys. If you want them to only see their surveys or the ones they were assigned to, give those user only the CREATE right for surveys.
If a user has the global right to VIEW surveys, they can see all surveys. If you want them to only see their surveys or the ones they were assigned to, give those user only the CREATE right for surveys.
Best regards/Beste Grüße,
Dr. Marcel Minke
Need Help? We offer professional Limesurvey support: survey-consulting.com
Contact: marcel.minke(at)survey-consulting.com
The following user(s) said Thank You: fpicabia
The topic has been locked.
- fpicabia
- Topic Author
- Offline
- New Member
Less
More
- Posts: 12
- Thank you received: 1
7 years 6 months ago #141265
by fpicabia
Replied by fpicabia on topic Several problems with user permissions since upgrade to 2.50+160829
We found the issue blocking user creation from LDAP login. The LDAP Auth plugin requires fields for full name and mail attributes from LDAP or it won't make users. So for AD that is displayName and mail. Users are created now.
The permissions will need to be fixed on the backend. We have over 250 Survey Admins so we are not doing it by hand.
Developers should be aware that by default Survey Admins should not have rights to view other surveys on the system. In the academic world, this is a BIG NO NO!
The permissions will need to be fixed on the backend. We have over 250 Survey Admins so we are not doing it by hand.
Developers should be aware that by default Survey Admins should not have rights to view other surveys on the system. In the academic world, this is a BIG NO NO!
The topic has been locked.