search

ui-icts / redcap-admin-dashboard

Provides a sortable table view of various reports on REDCap metadata
MIT License
2 stars 2 forks source link

REDCap Account Mangers can view link to report but link fails (security) #4

Open jthomas08 opened 4 years ago

jthomas08 commented 4 years ago

The EM renders a link at the control center for both Admins and Account Managers but clicking link fails with You do not have permission to access this page. for users in the Account Manager role. That functionality is correct, perhaps the EM link should not be visible for users when viewing the CC in the Account Manager role.

lsgs commented 3 years ago

Came here to report something similar to this on v10.1.2, i.e. with granular admin privileges. A users with some admin privileges but not "access to all projects" can see the Control Centre link but when they try to access the admin view the page throws an Exception that is not handled.

Fatal error: Uncaught Exception: You do not have permission to access this page. in /***/redcap_v10.1.2/ExternalModules/index.php:97 
Stack trace: 
#0 /***/redcap_v10.1.2/ExternalModules/index.php(112): ExternalModules\{closure}(Object(UIOWA\AdminDash\AdminDash)) 
#1 {main} thrown in /***/redcap_v10.1.2/ExternalModules/index.php on line 97
REDCap crashed due to an unexpected fatal error!

Please try again what you were doing. If this error persists, please contact a REDCap administrator. We apologize for any inconvenience.