0011614: confusing access rights administration

ID	Project	Category	View Status	Date Submitted	Last Update

0011614	mantisbt	code cleanup	public	2010-03-05 04:43	2010-03-05 04:43

Reporter	Fabien Poirier	Assigned To
Priority	normal	Severity	feature	Reproducibility	always
Status	new	Resolution	open
Product Version	1.1.8

Summary	0011614: confusing access rights administration
Description	Administration system is not easy to understand : access rights are hierarchicals : it is quite difficult to use Mantis in a way where access rights must not be hierarchical, i.e. there is always somewhere in the code where the grants are hard coded and not configurable. All access rights should be settable by group and only by group. some rights are settable for all user, whatever their groups. There are some settings that are true for all groups whereas it shoudn't because Mantis loose is adaptibility to be fine tuned to some particular needs. In fact, do this simple rule should clean and simplify the code, because ther will be only one function to grant access, whereas there are multiple ways to do this by now. All access rights should be settable by group and only by group.
Steps To Reproduce	Jus use Mantis in a way where there are users from company A, users from company B. A users and B users must have clearly distinguished access rights which are not hierarchicals, it is not possible to do it in Mantis now. I did it but I put some dirty hacks in php code to overwrite right acceess in some pages.
Additional Information	Mantis rights access system is too complex for now whereas it could be more simple to understand, more configurable and easier to code.
Tags	No tags attached.

View Issue Details

Activities