RE-QDA / requal

Free and open-source software for computer-assisted qualitative data analysis
https://www.requal.app
Other
14 stars 1 forks source link

A project admin can remove permissions to access their own project #131

Closed martin-hajek closed 6 months ago

martin-hajek commented 6 months ago

A project administrator can accidentally lose access to their project if they remove all permissions themselves. This should not be possible because there is no way to restore access. permissions

hlageek commented 6 months ago

@martin-hajek i think i ran into this during development, did i not fix it? just to clarify - you are not able to restore permissions? is this on the latest version?

martin-hajek commented 6 months ago

This is a project by a student who reports that clicking on the padlock icon displays a warning about insufficient permissions. I am also a member of that project and cannot edit permissions. This is an unfortunate situation because all his work in the project is lost for good. Or is there any way to recover it? And yes, this is the latest version 1.1.1.9001.

hlageek commented 6 months ago

It can be recovered by editing permissions directly in the database by sysadmin. But it should not come down to this, I thought I made some precautions so that at least one project member retains editing permissions. But either it was not implemented or there the solution was not foolproof. I will fix this soon.

hlageek commented 6 months ago

Ok, the precaution is implemented only for removing project members:

if (any(owner_check == 1)) warn_user("Project owners cannot be removed from project.")