Uploaded image for project: 'Sakai'
  1. Sakai
  2. SAK-43323

User account type is overriding the site level roles/permissoins

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Awaiting Information
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 12.4, 20.0
    • Fix Version/s: None
    • Component/s: Assignments, Messages Tool
    • Labels:
      None
    • Test Plan:
      Hide

      Setup a site with multiple rosters, include the Messages and Assignments tools
      Assign a TA to each section. The TA should be type "maintain" in their user account
      Setup permissions in Messages to only allow TA's to message their own groups.
      Become a TA and compose a message. The "To" list should show every users/group in the site when it should be filtered
      Switch the TA's user type to "registered" and become the user. (May have to reset caches on the server or wait for them to expire)
      Become the TA again and compose a message in the site. The "To" list should be filtered correctly

      The setup steps are the same for the Assignments tool.
      As the TA access the Assignments tool/permissions tab and click the "Set permissions for" dropdown.
      If the TA's user type is "maintain" they will see every section in the dropdown
      Swith the TA's user type to "registered" and the dropdown filters correctly

      Show
      Setup a site with multiple rosters, include the Messages and Assignments tools Assign a TA to each section. The TA should be type "maintain" in their user account Setup permissions in Messages to only allow TA's to message their own groups. Become a TA and compose a message. The "To" list should show every users/group in the site when it should be filtered Switch the TA's user type to "registered" and become the user. (May have to reset caches on the server or wait for them to expire) Become the TA again and compose a message in the site. The "To" list should be filtered correctly The setup steps are the same for the Assignments tool. As the TA access the Assignments tool/permissions tab and click the "Set permissions for" dropdown. If the TA's user type is "maintain" they will see every section in the dropdown Swith the TA's user type to "registered" and the dropdown filters correctly

      Description

      The user's account type (registered, maintain) is overriding site level roles/permissions for the Messages and Assignments tools. In sites with multiple rosters, instructors for each individual roster are given TA role in the main site. However, their user type is "maintain" because they are also instructors in other courses. The messages tool is setup to only allow TA's to message their own sections but they can actually see/message every users/role in the site. If we switch their user account to "registered" then the messages tool respects the permissions settings and filters the list correctly.

      A similar thing is happening in the Assignments tool. In the permissions tab, TA's can see all rosters in the "Set permissions for" dropdown if they are type "maintain". Switch their type to "registered" and the drop down filters and only shows their rosters.

      User account type shouldn't override the site level roles and permissions as users can have multiple roles across different sites.
      We have reproduced this in 12.4 and also the current 20.x branch.

        Gliffy Diagrams

          Zeplin

            Attachments

              Activity

                People

                Assignee:
                ern Earle R Nietzel
                Reporter:
                tawillis Ashley Willis
                Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                  Dates

                  Created:
                  Updated:

                    Git Integration