Location filter for non-admin web users

Hello,

I have encountered the following problem. We use commtrack location
filters in all of our reports, and everything works correctly, unless
the logged in web user does not have admin privileges. I noticed in


that the filters are indeed restricted only to administrators. Is this
necessary, or could I change it to ‘LoginAndDomainAuthentication’, or
perhaps ‘RequirePermissionAuthentication’? If the latter is preferred,
what would be the best permission to use in order to make sure all web
users would be granted access to the resource?

Regards
Lech

in my opinion, the commtrack location filtering of web reports should work
for all web users, even with no permissions.

note that this is separate from the ability to register a web user with a
location - which should only apply to those who have permissions to
register web users - or the ability to turn on location filtering for a
given domain - which should only apply to administrators.

··· On Mon, May 26, 2014 at 7:40 AM, Lech Różański wrote:

Hello,

I have encountered the following problem. We use commtrack location
filters in all of our reports, and everything works correctly, unless the
logged in web user does not have admin privileges. I noticed in
https://github.com/dimagi/commcare-hq/blob/master/corehq/apps/locations/resources/v0_1.py#L28that the filters are indeed restricted only to administrators. Is this
necessary, or could I change it to ‘LoginAndDomainAuthentication’, or
perhaps ‘RequirePermissionAuthentication’? If the latter is preferred, what
would be the best permission to use in order to make sure all web users
would be granted access to the resource?

Regards
Lech


You received this message because you are subscribed to the Google Groups
"CommCare Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to commcare-developers+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Rowena Luk
VP of Strategy
Dimagi, Inc.

Skype: rowenaluk
Phone: +1 857 919 5178

Hi Lech,

··· > On Mon, May 26, 2014 at 7:40 AM, Lech Różański wrote: > >> Hello, >> >> I have encountered the following problem. We use commtrack location >> filters in all of our reports, and everything works correctly, unless the >> logged in web user does not have admin privileges. I noticed in >> https://github.com/dimagi/commcare-hq/blob/master/corehq/apps/locations/resources/v0_1.py#L28that the filters are indeed restricted only to administrators. Is this >> necessary, or could I change it to 'LoginAndDomainAuthentication', or >> perhaps 'RequirePermissionAuthentication'? If the latter is preferred, what >> would be the best permission to use in order to make sure all web users >> would be granted access to the resource? >> > I agree with you and Rowena. I can't see any scenario where read-access to the list of locations would require any special permissions, so I think simply the LoginAndDomainAuthentication is appropriate. Feel free to make and PR the change.

cheers,
Cory