btsherid
commented
7 months ago I would also like to disable all users being able to see the users section. I agree that this should be limited to admin only.
Open ds2268 opened 2 years ago
btsherid
commented
7 months ago I would also like to disable all users being able to see the users section. I agree that this should be limited to admin only.
manthey
commented
7 months ago Internally, users are access controlled models, so this would be a matter of setting all users to public=False. I don't think there is a web api to do this for users, so this would be running for user in User().find(): User().setPublic(user, False, save=True) in python and hooking to the user creation event to ensure new users are so flagged.
It wouldn't be a hard feature to add to a plugin.
Any user can see all the users in the "users" section. Can we somehow limit this already now? Users might use full names and might not be desirable to be seen by other users, especially if there are multiple collections, for each institution separately, but users from both collections can still see all the registered users on the platform. This should be limited to admin only, or to see users that are part of the collections that you are also in...