search

meeting-room-booking-system / mrbs-code

MRBS application code
Other
123 stars 59 forks source link

Can 'only_admin_can_book' be set per area? #3064

Open jberanek opened 3 years ago

jberanek commented 3 years ago

Hi,

We've come to a situation where different areas have different requirements for "self service" bookings. Can the equivalent of "only_admin_can_book" be configured per-area? I'm not seeing that option, so I'm writing to confirm that this is not possible currently. It would be great to not have to spin up a separate instance of MRBS just for this area.

Thanks,

-Josh

Reported by: *anonymous

Original Ticket: mrbs/support-requests/2376

jberanek commented 3 years ago

No, not at the moment, though that feature will be coming in a future release. It's under development at the moment.

In the meantime there are two options:

  1. Modify the function getWritable() in mrbs_auth.inc so that it behaves differently depending on the area.

  2. Have two instances of MRBS as you say. But you could avoid having two versions of the code by operating MRBS in "multisite" mode, where there is a single version of code but multiple config files.

Original comment by: campbell-m

jberanek commented 3 years ago

Okay, thanks. Looking forward to that feature.

Original comment by: *anonymous

jberanek commented 3 years ago

If you're using LDAP authentication and are willing to use development code you could try it now, otherwise you'll need to wait.

Original comment by: campbell-m

jberanek commented 3 years ago

I actually am, yes. You can contact me directly via jmalone@nrao.edu

Original comment by: *anonymous

jberanek commented 3 years ago

You can download the code from the roles branch. Follow the "Download snapshot" link on that page.

As it's still development code I'd create a separate test installation for the moment until you're happy with it. The code introduces the concepts of "roles" and "groups". A role can be assigned to a user or to a group (in the case of LDAP this will be an LDAP group). For each role you can grant or deny read/write/admin (admin is actually called "all" but I'm going to rename it) permissions on a room by room and area and area basis.

Original comment by: campbell-m

jberanek commented 3 years ago

This sounds really good. I'll get it on a test instance soon. Thank you!

Original comment by: *anonymous

jberanek commented 1 year ago

Is there any Update about that feature? Would be pretty great to use this. Greetings :) @cimorrison

Original comment by: kev41

jberanek commented 1 year ago

The roles branch is still under development, but is pretty stable for 'db' and 'ldap' authentication and you coud test it.

Alternatively it's a fairly simple change to the standard code. All you'd need to is modify the function getWritable() in mrbs_auth.inc.

Original comment by: campbell-m

jberanek commented 1 year ago

We are using 'ldap' and I would like to test the roles branch, but i am not allowed " Sorry, the permissions for this page don't allow you to access it. " https://sourceforge.net/p/mrbs/hg-code/ci/roles/tree/ is this the right link ?

Original comment by: kev41

jberanek commented 1 year ago

We've switched to using GitHub. Follow the green Code button.

Original comment by: campbell-m