Question - Lock Down Public Filter Creation

Is it possible to prevent a user (group) from creating a public filter, or at the very least, do not have it be the default? It seems unusual that any user can gunk up the system with public filters that others users are forced to see.

Im really sorry, i missed this … please if anyone notice lack of feedback here please send an email to support@eramba.org, we dont want anyone without support.

Yes is (or should) be possible to ban anyone from creating filters, remember every click you do in eramba in the end is an ACL (system / settings / access lists) so is just a question of finding which ACLs you need!

the guide above has the answer, but since your need is a bit tricky (and we left you without an answer) we’ll try to help you. The creation of a filter is actually when you save it … and as i understand that is the action you want to block:

To find out which ACL is the one you need i right click on Google Chrome and use inspector:

then you click on the save button and you will see the exact url eramba calls when you click “save”

the url is: /advanced_filters/advancedFilters/add/SecurityService?modalId=1&_=1552383857022

Now … enough of hacking stuff, go to system / settings / access lists , select the group your users have and search for this url:

as you can see my group has that allows , i’ll disable by clicking it … then if i logout and login with a user on that group and i click on save on a group i get the following:

i hope this helps !!

Takeaway for us, the ACL forbiden error is the same error window as any other error in eramba … and is ugly, we’ll customise an error for forbiden access. Internal ref: https://github.com/eramba/eramba_v2/issues/2044

Hi there,

Thanks for the response. Using filters was my first thought, however I don’t want to prevent all filter creation - just public filters. It’s perfectly fine for a user to create a private filter for their own use but I’m trying to prevent a user from creating a lot of public filters that may confuse other users. We’ve already run into this scenario.

At the very least, filters should be private by default so a user is forced to think about whether they really want to make the filter public.

Oh - i see now , the “creation” and “save” both use the same url , that means they hit the same ACL target … so when blocking one you block the another.

We’ll need to correct this on the next release by splitting this into two separate ACLs , i just updated the internal github issue…thanks!

Keep in mind that filters still default to public, which I don’t believe should be the case. In my opinion, a user shouldn’t be able to affect all other users without some checks and balances.