User being directed to unauthorized page #57
Comments
|
@dowdf, can you help us recreate the problem you are experiencing? So screenshots of what you are seeing might be helpful. A project XML and a screenshot of the FRSL module configuration could also be helpful. |
|
I stripped down the project and exported it. I’ve attached screen shots of the module configuration, the user rights page for the role, and the data entry/error. I found out that the error happens for both development and production modes. Our site uses shibboleth authentication. Please let me know if there is anything else that would help you reproduce the problem.
From: Philip Chase <notifications@github.com>
Sent: Friday, October 11, 2019 7:53 AM
To: ctsit/form_render_skip_logic <form_render_skip_logic@noreply.github.com>
Cc: Fred Dowd <dowdf@uw.edu>; Mention <mention@noreply.github.com>
Subject: Re: [ctsit/form_render_skip_logic] User being directed to unauthorized page (#57)
@dowdf<https://github.com/dowdf>, can you help us recreate the problem you are experiencing? So screenshots of what you are seeing might be helpful. A project XML and a screenshot of the FRSL module configuration could also be helpful.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub<#57?email_source=notifications&email_token=AKKAWZG56S7N2OOZ4E7WABTQOCHLBA5CNFSM4I7SV5D2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEBAH3SA#issuecomment-541097416>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/AKKAWZBWVDS5M5KPVUXWQK3QOCHLBANCNFSM4I7SV5DQ>.
|
|
Here are screen shots and the XML as a zip. I am not using the Linear Data Entry Workflow module. KPMPParticipantManag_2019-10-11_2115.REDCap.zip
|
|
I'm having exactly the same issue. It would be helpful if this could be fixed. Great module by the way. |
This check should prevent the access denied error described in ctsit#57. Currently always checks against the logged in user and ignores the "View project as user" option.
|
I've made a proposed fix for this issue at https://github.com/NikNakk/form_render_skip_logic/tree/fix_user_rights . Note that at present it does not respect the 'View project as user' option for admins, but should work ok in normal use. I've also not yet done extensive testing. I'd be happy to make a pull request if helpful but thought I'd add it to the issue discussion first. |
|
I've now got it to handle the 'View project as user' option too. |
I am on REDCap 9.1.1 and using version 3.3.7
In an event on a longitudinal project in production mode, if a user is on a form where the module has hidden the rest of the forms in the event, but there is another form in the event that is hidden due to user rights, but not hidden by the module, REDCap displays Save and go to next form. That takes the user to the form that should be hidden because of user rights, and the user gets an unauthorized message for that page. This doesn't happen in development mode.
The text was updated successfully, but these errors were encountered: