jberanek
commented
5 years ago Edit mrbs_auth.inc and change line 37 from
$page_level['report.php'] = 1;to
$page_level['report.php'] = 2;Users will still see the link to the Report page, but they won't be able to access it. (This changes in the default branch where users will only see links to pages for which they have access).
Original comment by: campbell-m
Hi
We are using MRBS 1.7.3 with ldap authentication. We have set the config option to specify the MRBS admins via an ldap group
$ldap_admin_group_dn
Now i noticed that even normal users (defined via $ldap_filter) can generate reports.
How can i restrict this option to MRBS admins only? The best solution would be that the button is hidden for normal users, or if this is not possible, that you get an "insufficient permissions" error.
Best, Thomas
Reported by: thomymaster1985
Original Ticket: mrbs/support-requests/1876