[gold-users] Gold user privileges
scrusan at ur.rochester.edu
Mon Jun 14 10:41:11 MDT 2010
I¹m trying to modify the gold objects so that most users cannot see
other user¹s balances, unless they are given the admin role (in fact I¹d
like to only allow project admins to login anyways, but that¹s something
I¹ve tried a few things so far.
>From this thread:
In the interim, I¹ve tried to change the RoleAction for Balance to SELF,
which I believe would solve most of the problems, but users can still view
other project balancers (the projects and public and such either).
If I fully delete the RoleAction Name==Balance attributes, it still allows
users to use the commandline, or other parts of the web interface to see
user¹s balances (transaction logs, reservations, allocations, etc). I¹d
guess that requires heavily customizing the install using goldsh, but I
really don¹t want to break any important functionality.
I see this is part of a larger issue where I¹d like to setup a hierarchy of
permissions so that there are system admins, project admins, and then normal
users really should only be able to show their own balance, and maybe some
Does anyone else have a similar setup, or is this even possible?
Center for Research Computing
University of Rochester
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the gold-users