Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Accessing an inherited survey presents as if sub-org admin can edit it #1722

Closed
4 tasks done
richardolsson opened this issue Dec 18, 2023 · 5 comments · Fixed by #1941
Closed
4 tasks done

Accessing an inherited survey presents as if sub-org admin can edit it #1722

richardolsson opened this issue Dec 18, 2023 · 5 comments · Fixed by #1941
Assignees
@kaulfield23
Labels
🐜 bug Something isn't working 🚪 entry-level Good for newcomers 🐬 Medium Just a nice sized issue.

Comments

@richardolsson
Copy link
Member

richardolsson commented Dec 18, 2023
edited by kaulfield23

Description

When a survey is inherited to a sub-organization, admins of that sub-organization should only be allowed to see the submissions, not edit the survey in any way. But navigating to such a survey today (and even more relevantly, after a fix to #1721) leads to a normal survey page where things seem like they're editable, but editing them as a sub-org admin will (correctly) be prevented by the API and raise errors.

Steps to reproduce

  1. Go to http://localhost:3000/organize/1/projects (parent org)
  2. Click on any survey (go via "Activities" if none shows up in the overview)
  3. Go to the "submissions" tab
  4. Make sure "share with sub-organizations" is activated
  5. Change the URL to replace the org ID 1 with 2 (just clicking won't work at the time of writing because of Inherited survey links to parent organization #1721)
  6. Ono the survey page that loads, interact with the title

Expected Behaviour

The title should be read-only, because you are acting within an organization that does not own this survey.

Actual Behaviour

The title can be edited. If you had been logged in as a sub-org admin, editing it would also throw an error, but that's secondary, because the interface should not present as editable in the first place.

Screenshots (if you have any)

image

Proposed solutions

When visiting an inherited survey, disable all editable fields. Present a banner somewhere saying something along the lines of "This survey is owned by ORG TITLE so you can't edit it" if the user is not an admin in the parent org, or "This survey is owned by ORG_TITLE. Go to LINK to edit it" if the user is an admin in the parent org.

Editable fields that need to be disabled include:

  • The title
  • The "publish" button and scheduling widget
  • The content in the "questions" section
  • Under submissions, the "share with sub-organizations" option
@richardolsson richardolsson added 🐜 bug Something isn't working 🚪 entry-level Good for newcomers 🎨 needs-design 🐬 Medium Just a nice sized issue. labels Dec 18, 2023
@richardolsson
Copy link
Member Author

Maybe @yusf can suggest a design for such a banner? Or a completely different solution if you want?

@sefsh
Copy link

sefsh commented Dec 18, 2023

Ah yes, this will need a general read-only type of designed solution as we should expect this situation to emerge repeatedly as we expand on features of sharing content across orgs.

@sefsh sefsh self-assigned this Dec 18, 2023
@sefsh
Copy link

sefsh commented Feb 15, 2024
edited

Finally a stab at this issue!

  • Top banner with MUI "info" coloring and iconography
    • User with view privilege This survey is owned by ORG_TITLE and is not editable.
    • User with edit privilege This survey is owned by ORG_TITLE and is editable only from its original location.
      • Embedded button labelled Go to original
  • Title is static, not editable
  • Publish button disabled
  • Scheduling widget disabled
  • Survey sections not editable
  • Survey sections marked for hiding by owner completely hidden
  • Survey section position tools hidden
  • Submissions sidebar sections hidden
  • Submissions linking tool hidden, replaced with static text Unlinked
  • Submission content marked for hiding by owner completely hidden

View privilege

bild
bild
bild
bild

Edit privilege

Same as above but a different banner message and action.
bild

@richardolsson
Copy link
Member Author

@sefsh The last image ("Edit privilege") looks identical to the previous one to me. Is it a copy-paste mistake?

@kaulfield23 kaulfield23 self-assigned this Apr 25, 2024
@kaulfield23
Copy link
Contributor

kaulfield23 commented Apr 26, 2024
edited

  • Top banner with MUI "info" coloring and iconography
    User with view privilege This survey is owned by ORG_TITLE and is not editable.
    User with edit privilege This survey is owned by ORG_TITLE and is editable only from its original location.
    Embedded button labelled Go to original
  • Title is static, not editable
  • Publish button disabled
  • Scheduling widget disabled
  • Survey sections not editable
  • Survey sections marked for hiding by owner completely hidden
  • Survey section position tools hidden
  • Submissions sidebar sections hidden
  • Submission content marked for hiding by owner completely hidden
  • Shared in project overview

@kaulfield23 kaulfield23 mentioned this issue May 7, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kaulfield23 kaulfield23

Labels
🐜 bug Something isn't working 🚪 entry-level Good for newcomers 🐬 Medium Just a nice sized issue.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Issue 1722/sub org survey read only zetkin/app.zetkin.org
3 participants
@sefsh @richardolsson @kaulfield23