-
Notifications
You must be signed in to change notification settings - Fork 75
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
In User Audit page system admin action links are enabled for registrar #8571
Comments
@jpye-finch I don't think we have any separate scope for this now do we? Like if you have |
Or would these actions fall under |
Yes I had it as user:update https://docs.google.com/spreadsheets/u/2/d/1kQc-pYtftrzYoQTnB1fNxU6sI_qJzUSFrBs9fjww2aw/htmlview# |
Just to make sure,
So this only includes record related audits and not the account related ones? |
If a user can view a user profile page. Then they can see all audit history items We can add more granular scopes later if required |
@tiri39 I'll be moving this to ready for QA |
Marking this as Completed as the defined scope for Local registrar (user having the scope to view user audit page, can see all audit history items) is working as expected. Farajaland.CRS.-.Google.Chrome.2025-02-24.14-02-17.mp4 |
Bug description:
Registrar can click the system admin actions like - created user/ edited user/ reactivated user/ deactivated user from the history section of user audit page.
Steps to reproduce:
Actual result:
System admin action links are enabled for registrar.
Expected result:
System admin actions should be disabled for registrar.
Screenshot/Recording:
Farajaland.CRS.-.Google.Chrome.2025-02-04.18-45-03.mp4
Tested on:
https://register.farajaland-qa.opencrvs.org/
Version:
v1.7.0
The text was updated successfully, but these errors were encountered: