I have encountered the following problem. We use commtrack location
filters in all of our reports, and everything works correctly, unless
the logged in web user does not have admin privileges. I noticed in
that the filters are indeed restricted only to administrators. Is this
necessary, or could I change it to 'LoginAndDomainAuthentication', or
perhaps 'RequirePermissionAuthentication'? If the latter is preferred,
what would be the best permission to use in order to make sure all web
users would be granted access to the resource?
in my opinion, the commtrack location filtering of web reports should work
for all web users, even with no permissions.
note that this is separate from the ability to register a web user with a
location - which should only apply to those who have permissions to
register web users - or the ability to turn on location filtering for a
given domain - which should only apply to administrators.
···
On Mon, May 26, 2014 at 7:40 AM, Lech Różański wrote:
Hello,
I have encountered the following problem. We use commtrack location
filters in all of our reports, and everything works correctly, unless the
logged in web user does not have admin privileges. I noticed in commcare-hq/corehq/apps/locations/resources/v0_1.py at master · dimagi/commcare-hq · GitHub the filters are indeed restricted only to administrators. Is this
necessary, or could I change it to 'LoginAndDomainAuthentication', or
perhaps 'RequirePermissionAuthentication'? If the latter is preferred, what
would be the best permission to use in order to make sure all web users
would be granted access to the resource?
···
> On Mon, May 26, 2014 at 7:40 AM, Lech Różański wrote:
>
>> Hello,
>>
>> I have encountered the following problem. We use commtrack location
>> filters in all of our reports, and everything works correctly, unless the
>> logged in web user does not have admin privileges. I noticed in
>> https://github.com/dimagi/commcare-hq/blob/master/corehq/apps/locations/resources/v0_1.py#L28that the filters are indeed restricted only to administrators. Is this
>> necessary, or could I change it to 'LoginAndDomainAuthentication', or
>> perhaps 'RequirePermissionAuthentication'? If the latter is preferred, what
>> would be the best permission to use in order to make sure all web users
>> would be granted access to the resource?
>>
>
I agree with you and Rowena. I can't see any scenario where read-access to
the list of locations would require any special permissions, so I think
simply the LoginAndDomainAuthentication is appropriate. Feel free to make
and PR the change.