Restrict non admin and supervisor from performing actions and viewing data

Question

Restrict non admin and supervisor from performing actions and viewing data

curtisdelicata opened this issue 4 years ago · 3 comments

This is a ** feature request**.

Prerequisites

Are you running the latest version?
Are you reporting to the correct repository?
Did you check the documentation?
Did you perform a cursory search?

Description

I wrote code to restrict non admins in my fork for my application. So if you aren't an admin you can only see your own user and manipulate it. You can't touch anyone else's account. Would this be of interest? I don't know if I wrote it the best way so proposing the idea.

Answer 1 · 2020-10-31T07:29:56.000Z

add here a link to the policy file / auth file

Answer 2 · 2020-11-06T21:09:50.000Z

I didn't think of doing a policy. I modified the controllers and table. Maybe I did it wrong.

Answer 3 · 2020-11-06T21:12:06.000Z

Link is here: https://github.com/genealogiawebsite/core