ui-icts / redcap-admin-dashboard

Provides a sortable table view of various reports on REDCap metadata
MIT License

BUG: Can't access Admin Dashboard page if not SUPER_USER #26

Open AlexandreDu45 opened 2 weeks ago

AlexandreDu45 commented 2 weeks ago

Hello everyone,

If a user who doesn't have all of the administrator access clicks on the "Admin Dashboard" link in the Control Center, he will get this message: 'You do not have access to this page.'

It's because in index.php there is this:

if(SUPER_USER == 1 || (SUPER_USER != 1 && ($reportRights[$report_id]['project_view'] || $reportRights[$report_id]['executive_view']))) {
    $sanitizedJavascriptObject = htmlentities($module->getJavascriptObject($report_id, false, $_GET['asUser']), ENT_QUOTES,>
} else {
    die('You do not have access to this page.');
}

I have checked $reportRights, and the ['executive_view'] value is 1 for every id. The problem is that $report_id = -1 in my case. It's because of this part of the code a few lines earlier in index.php: [image]

If there is no "report" or "id" in the URL, then $report_id = -1, which leads to 'You do not have access to this page.' Yet this is the case for the URL from the Control Center, which ends with: ?type=module&prefix=admin_dash&page=index

And, for example, if I add "&id=1" (and configure the executive view) at the end of the URL, it works.

So I think there is a small problem with the default URL on the Control Center page, because non-SUPER_USER users can't access this page normally, even if they meet the right conditions in $reportRights.

Thank you,

Alexandre
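
The failure reported above, reproduced with a possible default that stays deny-by-default, as an added example that is not part of the issue or the module's code. The helpers `canViewReport()` and `resolveReportId()` are hypothetical, and the numeric report ids and the shape of `$reportRights` are assumptions taken from the check quoted in the issue.

```php
<?php
// Added illustration, not code from redcap-admin-dashboard.
// Assumed shape: $reportRights[reportId] = ['project_view' => 0|1, 'executive_view' => 0|1].

// Hypothetical helper: same decision as the quoted check, but safe for unknown ids.
function canViewReport(bool $isSuperUser, array $reportRights, int $reportId): bool
{
    if ($isSuperUser) {
        return true;
    }
    // -1 (or any unknown id) has no entry, so access is denied by default.
    $rights = $reportRights[$reportId] ?? [];
    return !empty($rights['project_view']) || !empty($rights['executive_view']);
}

// Hypothetical helper: pick the report id from the query string, else a safe default.
function resolveReportId(array $query, bool $isSuperUser, array $reportRights): int
{
    foreach (['report', 'id'] as $key) {
        // Accept only plain non-negative integers from the URL.
        if (isset($query[$key]) && ctype_digit((string) $query[$key])) {
            return (int) $query[$key];
        }
    }
    if (!$isSuperUser) {
        // No report requested: land on the first report this user may view.
        foreach (array_keys($reportRights) as $candidate) {
            if (canViewReport(false, $reportRights, (int) $candidate)) {
                return (int) $candidate;
            }
        }
    }
    return -1; // nothing requested and nothing viewable
}

// Constructed sample data, not taken from a real REDCap instance.
$reportRights = [
    1 => ['project_view' => 0, 'executive_view' => 1],
    2 => ['project_view' => 0, 'executive_view' => 0],
];
$controlCenterQuery = ['type' => 'module', 'prefix' => 'admin_dash', 'page' => 'index'];

// Behaviour described in the issue: no id in the URL, so the check runs against -1.
var_dump(canViewReport(false, $reportRights, -1));
// With the fallback, the same URL resolves to a report the user is allowed to view.
$id = resolveReportId($controlCenterQuery, false, $reportRights);
var_dump($id, canViewReport(false, $reportRights, $id));
// An explicitly requested report without rights is still refused.
var_dump(canViewReport(false, $reportRights, resolveReportId(['id' => '2'], false, $reportRights)));
```

The fallback only ever selects a report for which the user already holds `project_view` or `executive_view`, so it changes the landing page without widening access.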