View Issue Details

This bug affects 1 person(s).
 10
IDProjectCategoryView StatusLast Update
18468Bug reportsUser / Groups / Rolespublic2024-11-22 16:08
ReporterMazi Assigned To 
PriorityhighSeverityblock 
Status feedbackResolutionopen 
Product Version5.4.x 
Summary18468: User with rights to view other users can not see them at the survey permission screen
Description

A user with the global right to see other users is not presented any user when trying to assign survey permissions to others. The dropdown is simply blank.

Only when changing Global Settings -> Security -> "Users can see users from own group only" to NO, the user drop down is showing entries even though there are other users within the same user group.

Steps To Reproduce

Steps to reproduce

Create a new admin user with only the right to create surveys and view users.
Then create a simple survey and go to the survey permission screen.
Check the dropdown of exising users.

Expected result

See other users which exist at the same (default) user group within the dropdown.

Actual result

No users are present within the dropdown.
Only when chaning the mentioned global setting, users show up.

TagsNo tags attached.
Bug heat10
Complete LimeSurvey version number (& build)5.4.9
I will donate to the project if issue is resolvedNo
BrowserChrome
Database type & versionMariaDB 10.1.48
Server OS (if known)Ubuntu 20
Webserver software & version (if known)Apache
PHP Version8.1

Users monitoring this issue

There are no users monitoring this issue.

Activities

gabrieljenik

gabrieljenik

2022-12-07 19:50

manager   ~73020

@DenisChenu Is this related to 18468 ?
What do you think?

Mazi

Mazi

2022-12-07 23:35

updater   ~73021

Added missing setting details.

DenisChenu

DenisChenu

2022-12-08 09:19

developer   ~73024

@DenisChenu Is this related to 18468 ?

same number issue , then yes 18468 is related to 18468 :)

Else : it's an old issue here. User list are really complex …

@Mazi : you have a old 2.6lts to check how it work ? Maybe a 2.50 too ? And in 3.X ?
I think it's this behaviour since years now …

Update to set as a better behaviour are dangerous .
Did you remind when we add a REAL permission system for Survey some year ago ?
A lot of user complain there user see survey of other user … because we really use 'View' permission system.

Before 2.00 (or maybe in 2.05 too) : view survey didn't allow to view ALL survey.

DenisChenu

DenisChenu

2022-12-08 09:26

developer   ~73026

Got it : https://bugs.limesurvey.org/view.php?id=9571

And see comment : https://bugs.limesurvey.org/view.php?id=9571#c31846

At this date : there are a lot of Forum user complaining about new situation

Mazi

Mazi

2022-12-08 09:28

updater   ~73027

@DeniChenu, at version 2.6.7 the "Users can see users from own group only" does NOT have to be changed. It behaves different. There is no such bug.

DenisChenu

DenisChenu

2022-12-08 09:42

developer   ~73028

3.X have the issue ?

Mazi

Mazi

2022-12-08 09:46

updater   ~73029

@DenisChenu, just test ;-)

I can confirm that this is NOT an issue at LS 3.x.

DenisChenu

DenisChenu

2022-12-08 09:49

developer   ~73030

Then i think we must back to 3.X system :)

DenisChenu

DenisChenu

2022-12-08 09:53

developer   ~73031

Last edited: 2023-05-15 18:52

About expected result :

Users can see users from own group only to Yes
User have Permission read all user
See other users which exist at the same (default) user group within the dropdown only ? (i think yes, unsure)
See other users which exist at the same (default) user group in management only ? (i think yes, unsure)
User do not have Permission read all user
See other users which exist at the same (default) user group within the dropdown ? (i think yes)
No user management access

Users can see users from own group only to No
User have Permission read all user
See other users (all) ? (i think yes)
User do not have Permission read all user
See other users (all) in drop-down ? (i think yes (unsure))
No user management access

@gabrieljenik : seems totally related to the withListRight scope ;)

gabrieljenik

gabrieljenik

2022-12-08 13:03

manager   ~73034

same number issue , then yes 18468 is related to 18468 :)

Sorry, meant #18356

DenisChenu

DenisChenu

2022-12-08 14:14

developer   ~73037

Sorry, meant 18356

I don't think :l pother are related to role.
I don't know real usage of role …

gabrieljenik

gabrieljenik

2022-12-15 17:34

manager   ~73147

@gabrieljenik : seems totally related to the withListRight scope ;)

But now this is related to user listing, not survey listing.
You mean that method should be applied to user-* objects?

Want to take this?

DenisChenu

DenisChenu

2022-12-15 17:46

developer   ~73151

Last edited: 2022-12-15 17:46

You mean that method should be applied to user-* objects?

Yes , i think it can be more clear

Want to take this?

I want to have clear decision about expected result … with and without "Users can see users from own group only" option.
After : yes.

Mazi

Mazi

2023-04-11 10:46

updater   ~74451

Can we assign this to a developer? For some larger institutions this turns out to be a show stopper.

DenisChenu

DenisChenu

2023-04-11 11:09

developer   ~74454

Maybe a complete User permission system is needed ?

Mazi

Mazi

2023-04-11 12:22

updater   ~74458

@DenisChenu, I do not think that for fixing this bug we need a completely new user permission system. That would be a little too much. It is a simple bug, the settings doesn't seem to be taken into account.

gabrieljenik

gabrieljenik

2023-05-09 18:45

manager   ~74901

Hi @Mazy,

We have been trying to reproduce this and couldn't.
In LTS and 5.x has the same behaviour, and believe correct one.

Can you please try to reproduce / clarify?

See other users which exist at the same (default) user group within the dropdown.

What do you mean by "default"?

Actual result
No users are present within the dropdown.

Are you including the user in a group?
Maybe it is there is no group from where to show users?

DenisChenu

DenisChenu

2023-05-09 19:37

developer   ~74903

Must confirm this behavior

https://bugs.limesurvey.org/view.php?id=18468#c73031

(and maybe add it to manual)

gabrieljenik

gabrieljenik

2023-05-15 18:36

manager   ~74992

Use have view all user

What do you mean? A permission?

DenisChenu

DenisChenu

2023-05-15 18:50

developer   ~74996

Sorry :

User have Permission read at user on Global

I update

gabrieljenik

gabrieljenik

2023-05-17 23:21

manager   ~75051

I think the problem here lies on this expectation same (default) user group
There is no default user group.
If you are not on a group, you are not part of any group.

Does this clarifies or makes more sense @Mazi?

Mazi

Mazi

2023-05-18 00:22

updater   ~75071

Thing is that by default, 90% of users are not in a user group. Simply because most users do not use user groups.

So question is: Should we have/add a default user group?

To the common user not seeing any other users though having been assigned the permission to see them is confusing.

gabrieljenik

gabrieljenik

2023-05-18 14:47

manager   ~75075

So your expectation is:

  • Users can see users from own group only to Yes
  • If the user is not assigned to any group, it should be able to see users that have no group.

Isn't that a security concern? Isn't that too broad of a situation where lot of unexpected stuff could happen?

If someone should see users, he should have "read" permission at global level, right?

Mazi

Mazi

2023-05-21 20:00

updater   ~75125

@gabrieljenik, by default users need view permissions to see others.

And yes, I think they should see all other users. If this is not intended, then one should not assign the view permissions which is not set by default anyway. But if it is set, the user should see others. Otherwise it makes no sense.

gabrieljenik

gabrieljenik

2023-05-22 14:50

manager   ~75137

Last edited: 2023-05-23 17:09

We are talkig about the following, right?

Scenario:

  • User does have "user read permission" at global level
    Behaviour:
    ==> Assign survey permissions to others: Filled with all users
    (no matter other stuff)

Scenario:

  • User does NOT have "user read permission" at global level
  • "User can see users from own group only": Yes
    Behaviour:
    A) If user is not assigned to any group
    ==> Assign survey permissions to others: Empty
    B) If user is assigned to a group
    ==> Assign survey permissions to others: Filled with users from same group.

What do you think?

Not sure about what should happen on this scenario:

  • User does NOT have "user read permission" at global level
  • "User can see users from own group only": No
    Behaviour:
    A) If user is not assigned to any group
    ==> Assign survey permissions to others: ???
    B) If user is assigned to a group
    ==> Assign survey permissions to others: ???
Mazi

Mazi

2023-05-22 19:14

updater   ~75144

@gabrieljenik: The first scenarios look correct to me. I still think it is the VIEW permission though, not READ, but we may mean the same thing.

As for the last scenario: If there are no permissions to view users at global level, then they should never see any other users.

gabrieljenik

gabrieljenik

2023-05-22 20:54

manager   ~75145

As for the last scenario: If there are no permissions to view users at global level, then they should never see any other users.

Scenario:

  • User does NOT have "user read permission" at global level
  • "User can see users from own group only": No
    Behaviour:
    A) If user is not assigned to any group
    Assign survey permissions to others: Empty
    B) If user is assigned to a group
    Assign survey permissions to others: Empty.

I agree with you.

Ok, I will review and update :)

DenisChenu

DenisChenu

2023-05-23 15:26

developer   ~75159

Last edited: 2023-05-23 15:29

In current 3.X (LOL) seem Group member can only see own group: is used ONLY for user dropdown.

User with read all Users + "User can see users from own group only": to YES

  • User can see all user in user management
  • User can see only himself in Survey Permission

Then : seems OK to allow user with Read all user permission to see ALL user in dropdown too. No new secret appear. Maybe add a comment on manual (or in Group member can only see own group settings )

Scenario

Current
Users can see users from own group only to Yes
User have Permission read all user

  • See other users in same group within the dropdown only
  • See ALL other users in management

Move to

Users can see users from own group only to Yes
User have Permission read all user

  • See ALL other users within the dropdown only
  • See ALL other users in management
gabrieljenik

gabrieljenik

2023-05-23 17:17

manager   ~75188

Last edited: 2023-05-23 17:18

Please find below a summary.
Both 3.xLTS and v5 behave alike.

If you are OK, we will fix the situations highlighted in yellow

Also, we would change the label of the setting from "Group member can only see own group" to "Group member can see users from own group?".
And add some help text saying this will provide users which don't have "global user view permission", the possibility to see users from same group.

Thoughts?

image.png (23,881 bytes)   
image.png (23,881 bytes)   
DenisChenu

DenisChenu

2023-05-23 17:40

developer   ~75190

If you are OK, we will fix the situations highlighted in yellow

Looking at your summary : user without Read right permission see all users currently ? It's a terrible issue …

The expected part is for Permission dropdown ?

Also, we would change the label of the setting from "Group member can only see own group" to "Group member can see users from own group?".
And add some help text saying this will provide users which don't have "global user view permission", the possibility to see users from same group.

:+1:

gabrieljenik

gabrieljenik

2023-05-23 17:52

manager   ~75192

The expected part is for Permission dropdown ?

Yes, the element inspected is the user dropdown list on the assign survey permission screen.
I guess we should also check it when assigning the permission as well.

DenisChenu

DenisChenu

2023-05-23 18:05

developer   ~75195

Yes, the element inspected is the user dropdown list on the assign survey permission screen.

Yes : same list used for owner update etc … i think

I guess we should also check it when assigning the permission as well.

Currently : Survey and SurveyGroup use same code.

gabrieljenik

gabrieljenik

2023-05-23 18:12

manager   ~75196

I guess we should also check it when assigning the permission as well.

Currently : Survey and SurveyGroup use same code.

I was referring that we should check not only for building the dropdown list, but also when processing the permission assignment operation.

DenisChenu

DenisChenu

2023-05-23 18:37

developer   ~75200

I was referring that we should check not only for building the dropdown list, but also when processing the permission assignment operation.

Oh , yes : when GIVE persmision : check if user is allowed to see user.
And in the list of user : show only user oin same group

This part are more complex …

gabrieljenik

gabrieljenik

2023-05-26 16:34

manager   ~75236

PR v5: https://github.com/LimeSurvey/LimeSurvey/pull/3175

tibor.pacalat

tibor.pacalat

2023-06-09 16:53

administrator   ~75533

PR has some failing tests.

tibor.pacalat

tibor.pacalat

2023-06-14 17:28

administrator   ~75635

I have tested this, but I am not sure if there are still some changes required on the PR or not @ollehar.

DenisChenu

DenisChenu

2023-06-14 19:11

developer   ~75638

There are an issue with new implementation, we loose an ability

Before

  1. We can disable user management access (with email and login) but allow to select any user in Permission list. Not possible in new implementation.*

If a superadmin want user didn't see other user (except with user/read permission) : he can just activate "user group" system.

If he want users can give permission to all other users : he don't set this. : we loose this part.

then i think we need an option to get this possibility.

And about user/read permission : in 3.X User see only email of own groups : we loose too this option. I think we need a new option too to limit access to UserView by group

gabrieljenik

gabrieljenik

2023-06-15 14:59

manager   ~75642

I should take some time to review and understand a bit more your comment.

We can disable user management access (with email and login) but allow to select any user in Permission list. Not possible in new implementation

I don't understand this.
What do you mean by disable "user management access".

If he want users can give permission to all other users : he don't set this. : we loose this part.

I don't understand this. Can you provide an example?

And about user/read permission : in 3.X User see only email of own groups : we loose too this option. I think we need a new option too to limit access to UserView by group

Not sure I full y understand, but from I am getting, I believe we didn't loose it but made it straight.
That was the table about right?

DenisChenu

DenisChenu

2023-06-15 15:36

developer   ~75644

Last edited: 2023-06-15 15:37

What do you mean by disable "user management access".

An user without any user permission

If he want users can give permission to all other users : he don't set this. : we loose this part.

Today (without Group member can only see own group)

  • Create an user#1 and give him Survey create Permssion
  • Create another user#2 without any permission
  • user#1 create Survey#1
  • user#1 can give permission to Survey#1 to user#2
  • user#1 know only "User name" of user#2, no email or login name access.

Tomorrow, to allow this you must give

  • user#1 view all user global permission
  • user#1 have access to user#2 email address and login name

You broke one GDPR criteria : https://en.wikipedia.org/wiki/General_Data_Protection_Regulation

DenisChenu

DenisChenu

2023-06-15 15:39

developer   ~75645

And lost, with "Group member can only see own group" ro ON

User#1 have global permission User/read
User#1 are in Group#1
User#2 are in group#1
User#3 are in group#2

user#1 can check email and login of User#2, but have npo access of User#3 email address.

DenisChenu

DenisChenu

2023-06-15 15:40

developer   ~75646

I mean : there are a difference between

  1. View username and only username and loginname
  2. View username + email address
gabrieljenik

gabrieljenik

2023-06-15 18:47

manager   ~75648

I will need to review all the situations you gave.

Still, the table reviewed on 2023-05-23, holds? or need to updated?
Is there any case there which is not working properly?

DenisChenu

DenisChenu

2023-06-15 18:57

developer   ~75649

Last edited: 2023-06-15 18:57

I don't know … ping @ollehar @Mazi @c_schmitz

The real upset line is the 3rd line in the screen

User read all User Permission + "Group member can only see own group" to ON

  • Current situation : This user see only some user
  • Tomorrow : This user see all user.
gabrieljenik

gabrieljenik

2023-06-15 21:06

manager   ~75650

The real upset line is the 3rd line in the screen

User read all User Permission + "Group member can only see own group" to ON
Current situation : This user see only some user
Tomorrow : This user see all user.

Well, in curren situation, as he has read permissin to all usuers, he can go to user permissions and see all users, right?
Read permission overrules "group setting"

Als, recall there was a problem in the wording of that setting:

Also, we would change the label of the setting from "Group member can only see own group" to "Group member can see users from own group?".
And add some help text saying this will provide users which don't have "global user view permission", the possibility to see users from same group.

I understand you were OK with that.

ollehar

ollehar

2023-08-07 15:01

administrator   ~76458

Status reads "Ready for testing". Is there a PR? Discussion status?

gabrieljenik

gabrieljenik

2023-08-07 20:35

manager   ~76467

https://bugs.limesurvey.org/view.php?id=18468#c75236

PR v5: https://github.com/LimeSurvey/LimeSurvey/pull/3175

Discussion status? Probably these:
A) Lastest post from myself: https://bugs.limesurvey.org/view.php?id=18468#c75650
B) https://github.com/LimeSurvey/LimeSurvey/pull/3175#discussion_r1229837578

Issue History

Date Modified Username Field Change
2022-11-08 12:23 Mazi New Issue
2022-11-08 16:10 ollehar Priority none => high
2022-11-09 14:39 gabrieljenik Status new => acknowledged
2022-11-10 14:21 gabrieljenik Status acknowledged => confirmed
2022-12-07 19:50 gabrieljenik Note Added: 73020
2022-12-07 19:50 gabrieljenik Bug heat 0 => 2
2022-12-07 23:35 Mazi Description Updated
2022-12-07 23:35 Mazi Note Added: 73021
2022-12-07 23:35 Mazi Bug heat 2 => 4
2022-12-08 09:19 DenisChenu Note Added: 73024
2022-12-08 09:19 DenisChenu Bug heat 4 => 6
2022-12-08 09:26 DenisChenu Note Added: 73026
2022-12-08 09:28 Mazi Note Added: 73027
2022-12-08 09:42 DenisChenu Note Added: 73028
2022-12-08 09:46 Mazi Note Added: 73029
2022-12-08 09:49 DenisChenu Note Added: 73030
2022-12-08 09:53 DenisChenu Note Added: 73031
2022-12-08 09:54 DenisChenu Note Edited: 73031
2022-12-08 13:03 gabrieljenik Note Added: 73034
2022-12-08 14:14 DenisChenu Note Added: 73037
2022-12-15 17:34 gabrieljenik Note Added: 73147
2022-12-15 17:46 DenisChenu Note Added: 73151
2022-12-15 17:46 DenisChenu Note Edited: 73151
2023-04-11 10:46 Mazi Note Added: 74451
2023-04-11 11:09 DenisChenu Note Added: 74454
2023-04-11 12:22 Mazi Note Added: 74458
2023-05-09 18:45 gabrieljenik Note Added: 74901
2023-05-09 18:46 gabrieljenik Assigned To => gabrieljenik
2023-05-09 18:46 gabrieljenik Status confirmed => feedback
2023-05-09 19:37 DenisChenu Note Added: 74903
2023-05-15 18:36 gabrieljenik Note Added: 74992
2023-05-15 18:50 DenisChenu Note Added: 74996
2023-05-15 18:52 DenisChenu Note Edited: 73031
2023-05-17 23:21 gabrieljenik Note Added: 75051
2023-05-18 00:22 Mazi Note Added: 75071
2023-05-18 00:22 Mazi Status feedback => assigned
2023-05-18 14:47 gabrieljenik Note Added: 75075
2023-05-21 20:00 Mazi Note Added: 75125
2023-05-22 14:50 gabrieljenik Note Added: 75137
2023-05-22 19:14 Mazi Note Added: 75144
2023-05-22 20:54 gabrieljenik Note Added: 75145
2023-05-23 15:26 DenisChenu Note Added: 75159
2023-05-23 15:29 DenisChenu Note Edited: 75159
2023-05-23 17:09 gabrieljenik Note Edited: 75137
2023-05-23 17:17 gabrieljenik Note Added: 75188
2023-05-23 17:17 gabrieljenik File Added: image.png
2023-05-23 17:18 gabrieljenik Note Edited: 75188
2023-05-23 17:40 DenisChenu Note Added: 75190
2023-05-23 17:52 gabrieljenik Note Added: 75192
2023-05-23 18:05 DenisChenu Note Added: 75195
2023-05-23 18:12 gabrieljenik Note Added: 75196
2023-05-23 18:37 DenisChenu Note Added: 75200
2023-05-26 16:34 gabrieljenik Assigned To gabrieljenik => DenisChenu
2023-05-26 16:34 gabrieljenik Status assigned => ready for code review
2023-05-26 16:34 gabrieljenik Note Added: 75236
2023-05-26 19:05 DenisChenu Assigned To DenisChenu =>
2023-05-26 19:05 DenisChenu Status ready for code review => ready for testing
2023-05-26 20:10 gabrieljenik Issue cloned: 18842
2023-06-09 16:53 tibor.pacalat Note Added: 75533
2023-06-09 16:53 tibor.pacalat Bug heat 6 => 8
2023-06-12 14:46 gabrieljenik Issue cloned: 18875
2023-06-14 17:28 tibor.pacalat Note Added: 75635
2023-06-14 19:11 DenisChenu Note Added: 75638
2023-06-15 14:59 gabrieljenik Note Added: 75642
2023-06-15 15:36 DenisChenu Note Added: 75644
2023-06-15 15:37 DenisChenu Note Edited: 75644
2023-06-15 15:39 DenisChenu Note Added: 75645
2023-06-15 15:40 DenisChenu Note Added: 75646
2023-06-15 18:47 gabrieljenik Note Added: 75648
2023-06-15 18:57 DenisChenu Note Added: 75649
2023-06-15 18:57 DenisChenu Note Edited: 75649
2023-06-15 21:06 gabrieljenik Note Added: 75650
2023-08-07 15:01 ollehar Note Added: 76458
2023-08-07 15:01 ollehar Bug heat 8 => 10
2023-08-07 15:01 ollehar Assigned To => ollehar
2023-08-07 15:01 ollehar Status ready for testing => feedback
2023-08-07 20:35 gabrieljenik Note Added: 76467
2024-11-22 16:08 ollehar Assigned To ollehar =>