Closed jillpe closed 10 months ago
What do you want non-super admins to see?
Partially, we're not sure what some of these fields are for, and thus we're not sure what could potentially allow users to break systems by changing settings.
The ones we don't know about are:
I think we should also limit File Size Limit to superadmin (I also notice that the text says it should be set to at least 536870912000 but the default value is only 5368709120)
Given the information on ticket 778, we should add Contact Email and Contact Email To to the list of things only superadmins can access. https://github.com/scientist-softserv/palni-palci/issues/778
SoftServ QA: ✅ Pass!
We want to retain Contact email to for local admins. There is also an issue with some tenants having different Account settings pages (see au-archives.hykucommons.org, compare to sju-library.hykucommons.org).
@ndroark What do you mean by local admins? These fields should only show to superadmins with our changes.
I mean that we need to revert that change for the Contact Email To field. It should be accessible to non-super admins, since it's something they can set and change without additional configuration. See Rob's comment here https://assaydepot.slack.com/archives/C0313NKC08L/p1697499227224089?thread_ts=1697487952.830559&cid=C0313NKC08L
Gotcha. For clarity of this ticket, could you list the fields that should only be displayed to superadmins? This ticket listed many fields. We currently have them defined in a constant, here cc @ndroark We did this based on this comment (and the acceptance criteria)
```ruby
SUPERADMIN_ONLY_SETTINGS = [:contact_email, :contact_email_to,
                            :analytics_provider, :file_acl, :s3_bucket,
                            :oai_prefix, :oai_sample_identifier,
                            :file_size_limit].freeze
```
For sure, that same list without the Contact email to. So the superadmin-only settings are:
:contact_email, :analytics_provider, :file_acl, :s3_bucket, :oai_prefix, :oai_sample_identifier, :file_size_limit
Tested on: https://dev.commons-archive.org/
SUPER ADMIN SHOULD SEE:
ADMIN SHOULD NOT SEE:
The help text for "Contact email" and "Contact email to" are reversed
switched the hint text, will be doing a hot fix deploy soon
Summary
The Account Setting page has too many options for non-super admins, and Pals would like to limit their options.
Screenshots
![image](https://github.com/scientist-softserv/palni-palci/assets/84697174/3517fb7a-8888-4de9-a5e1-bf3c762c2f62)
Hide certain settings from non-superadmins on the Account settings dashboard page as prescribed by the client.
Acceptance Criteria
A non super admin user should NOT see the following fields:
Testing Instructions
Visit the options here, as a super admin and a non super admin.
super admin login: support@notch8.com => get password from 1Password
non super admin login: user@example.com => testing123
Expected Behavior Before Changes
screenshot (non superadmin user)
![image](https://github.com/scientist-softserv/palni-palci/assets/10081604/d0babdb3-8b6a-4c1a-9b70-c8b8bc25a02e)
screenshot (superadmin user)
![image](https://github.com/scientist-softserv/palni-palci/assets/10081604/1daf1618-9fc9-462f-8c46-4249294ef721)
Expected Behavior After Changes
screenshot (non superadmin user)
![image](https://github.com/scientist-softserv/palni-palci/assets/10081604/5029eb16-c3db-47a9-8324-ac3fe3a00e31)
screenshot (superadmin user)
![image](https://github.com/scientist-softserv/palni-palci/assets/10081604/d1e3c47a-76fe-4fd3-ba1a-e5527cefb6e8)
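Hiding a field on the form does not by itself stop a non-superadmin from submitting a value for it, so the same list can also gate the update on the server; whether the project already does this is not shown on this page. The following is an added example, not code from the palni-palci repository: it uses the final superadmin-only list from the thread, and `User`, `ALL_SETTINGS`, `visible_settings` and `filter_settings_update` are hypothetical names.

```ruby
# Added example; not code from the palni-palci repository.
# Final superadmin-only list from the thread (contact_email_to removed).
SUPERADMIN_ONLY_SETTINGS = %i[
  contact_email analytics_provider file_acl s3_bucket
  oai_prefix oai_sample_identifier file_size_limit
].freeze

# The eight setting names that appear in the thread (assumed here to be the whole form).
ALL_SETTINGS = (SUPERADMIN_ONLY_SETTINGS + [:contact_email_to]).freeze

# Hypothetical stand-in for the application's user model.
User = Struct.new(:email, :superadmin) do
  def superadmin?
    superadmin == true
  end
end

# Fields the Account settings form should render for this user.
def visible_settings(all_settings, user)
  user.superadmin? ? all_settings : all_settings - SUPERADMIN_ONLY_SETTINGS
end

# Server-side gate for a submitted settings hash: unknown keys are always
# dropped, and restricted keys are dropped unless the user is a superadmin.
# Returns [accepted_hash, rejected_key_names].
def filter_settings_update(submitted, user, known_settings = ALL_SETTINGS)
  known = known_settings.map(&:to_s)
  restricted = SUPERADMIN_ONLY_SETTINGS.map(&:to_s)
  accepted = {}
  rejected = []
  submitted.each do |key, value|
    name = key.to_s # compare as strings; never symbolize submitted keys
    if known.include?(name) && (user.superadmin? || !restricted.include?(name))
      accepted[name] = value
    else
      rejected << name
    end
  end
  [accepted, rejected]
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample request from a tenant admin who is not a superadmin.
  admin = User.new("admin@example.org", false)
  submitted = { "contact_email_to" => "help@example.org", "s3_bucket" => "other-bucket" }
  accepted, rejected = filter_settings_update(submitted, admin)
  puts "render:   #{visible_settings(ALL_SETTINGS, admin).inspect}"
  puts "accepted: #{accepted.inspect}"
  puts "rejected: #{rejected.inspect}"
end
```

Logging the rejected key names gives reviewers a signal when a non-superadmin account submits a restricted setting.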