dan-tang-ssd
commented
1 year ago As discussed, we should hide the functions if the logged in user does not have permission to use them.
Closed dan-tang-ssd closed 1 year ago
dan-tang-ssd
commented
1 year ago As discussed, we should hide the functions if the logged in user does not have permission to use them.
dan-tang-ssd
commented
1 year ago Just found that all institutional roles can export initiative data as excel file with same content...
I think we may need a more comprehensive review on existing functions for different roles. E.g. Show or hide / Enable or disable a particular button for a particualr role
Describe the bug Roles and permissions issue
To Reproduce Login as Institutional Member My Institution > SETTINGS > Update some settings then save, success My Institution > ADDITIONAL ASSESSMENT CRITERIA > Update some settings then save, success Initiatives > Import Initiatives > Should we hide "Import Initiatives" button?
Expected behavior Should we make those features as read-only for users without corresponding permission?