Restricted Admin role?

(9 posts) (2 voices)

Tags:

  1. Hi,

    Would there be a way to restrict admins further? Such as not being able to delete reports from the MyDBR interface or suppressing the delete button from the browsing UI (but maybe leaving it inside the report edit info screen?)

    Thanks,
    Trevor

  2. myDBR Team, Key Master

    What would be the purpose of a restricted admin? What is the thing you would want such a role to be able to do?

    --
    myDBR Team

  3. Subdividing admins into report creators vs. true admins.

    We have a number of moderate power users that want to develop their own reports and once "blessed" move them to be publicly available. However, these users shouldn't have the ability to delete a report that's not theirs or even delete any report at all.

    Or if they do delete a report, then it goes into a trash can or deleted reports list which would allow it to be restored.

    The primary problem we are trying to solve is to reduce accidental deletions. It's happened a number of times in the past few weeks. I know there is a modal popup requesting confirmation but somehow they keep clicking okay and doing it :)

    Another way just to solve the delete issue would be to provide a "sudo" mode - only when an admin has explicitly enabled sudo for their current session, then the delete links appear. The sudo session flag resets upon logout and/or timeout.

    Trevor

  4. myDBR Team, Key Master

    Deleting reports that the user should not delete sounds more like a process issue.

    We do however have a feature request in where user should only be able to modify his/her own reports. However, to do this correctly, this would require separate logins into the database for these users, as the user with access to SQL command line could do changes using the generic admin rights.

    --
    myDBR Team

  5. Hi,

    Sorry for the long delay.

    I understand the issues with synchronizing the MyDBR logins to the db logins in order to provide the separation you are talking about.

    If it seems reasonable, having the ability to suppress the Delete links for certain admins would be great. Again we had someone accidentally delete a report even with the JS popup confirmation. We have to give certain users admin rights so they can develop reports, but as soon as we do, it opens us up to this issue since the Delete link is accessible.

    Thoughts?

    Trevor

  6. PS It could be that when the main Delete is link is removed, the ability to delete is only present in the report edit screen where you control privs and the parameters.

  7. myDBR Team, Key Master

    If disabling the 'Delete report'-link is something that would help you, you can do that using JavaSript. Attach a report to the dashboard to to the job.

    --
    myDBR Team

  8. Thanks for the input. I should have thought of going the home-grown route, especially since you use jQuery so extensively.

    Putting this in main_top.html seems to work quite well.

    <script>
         $(document).ready(function(){
             $("a[href='#'][onclick*='Delete']").hide();
         });
    </script>

    Is there a JS object that I can access to determine the currently logged in username or email?

  9. myDBR Team, Key Master

    There is no username in JS object. We can add one though. For now you can use a report in main_top instead of a direct JS code. This way you can use the automatic parameters.

    --
    myDBR Tea,


Reply

You must log in to post.