Join the conversation

Sign in to join this conversation, and others like it, in the communities you care about.

Wekan

Wekan is an open-source kanban board (Trello like) which allows a card-based task and to-do management.

Wekan / Bugs

add user api ignores admin true parameter in body

add user api ignores admin true parameter in body

Wekan/Bugs · April 9, 2020 at 10:29pm

add user api ignores admin true parameter in body

Wekan / Bugs · April 9, 2020 at 10:29pm

Create a board with an owner. Owner is a member with admin: true.

Add a member and as per api set action to add and isadmin to true. Added member is not an admin.

ie: that new member added does not get the icon permiiting archiving a board when you hover over the board.

If you look in mongo you see an array of the two users, under the key Members

The first item in that array is the one added to the board at board creation time as the owner and isadmin is set to true

The second member of the two element mongo array for that board is the added user and isadmin is set to false

in Both cases no comment and comment only and worker are all set as false

Load previous messages

April 10, 2020 at 9:04pm

OR it would be an attribute per member like isAdmin

    • reply
    • like

    I did not see any of this in the api doc nor in the mongo collections, so if you tell me where it goes, I am good. Whether the tools work or not is not an issue as long as I know the mongo format and if its populated correctly the GUI does what it is suppose to do

      • reply
      • like

      thanks

        • reply
        • like

        April 11, 2020 at 3:15pm

        Hello good Morning. Just a quick one. I do not need you to fix wekan code. At the moment I just need to know when I have to set boardadmin in mongo to enable a particular user to be able to see the icons that archive and eventually permit you to delete a board. I cannot find that key anywhere in the mongo collections I have looked but obviously the owner has something set somewhere. If you can point me to that collection I can make the change without you recoding at this time. If board admin is not the correct key, I understand. If the wekan GUI drivers are ignoring mongos correct key values, I understand. But if some attribute just needs to be set in a mongo collection, that is easy for me to do. THanks as always :)

          • reply
          • like

          April 11, 2020 at 8:01pm

          I did find under users collection that the second users does not have an isAdmin key at all

            • reply
            • like

            will try that next I guess

              • reply
              • like

              ok more info. I added the the second user an isAdmin key in collection users. The appranet owner had this key and this additional member did not, I set the value to the key to be true

                • reply
                • like

                so now the icons when you roll over are now visible on the second member including the icon for archiving

                  • reply
                  • like

                  when you click the archive icon the board disappears. If you go to the archive tabe nothing is inside with this user can see. So you can archive a board but no permissions to deleted the archive board

                    • reply
                    • like

                    in another browser I had the same thing upen with the other owner user (the first admin for wekan. He can see the archived board under the archived tabe. It restores aand it can be deleted. If restores the other user can see if

                      • reply
                      • like

                      so the users collect IsAdmin true does provide some of the feature but not all of it

                        • reply
                        • like

                        Its would appear that a member has no persmissions to archive or delete even if the member isAdmin is set and what you send via the api does not matter. The users account determines if you can archive but not iuf you can actually delete and that archived boards are not visible excpet to the owenr or first admin for wekan

                          • reply
                          • like

                          Thanks

                            • reply
                            • like

                            I think users isAdmin does mean Wekan admin that has access to REST API and everything

                              • reply
                              • like

                              Anyway, I need to think a lot and test before making any changes

                                • reply
                                • like

                                so that I would not set wrong permissions

                                  • reply
                                  • like

                                  April 11, 2020 at 10:05pm

                                  I will keep looking. I am getting closer :)

                                    • reply
                                    • like

                                    April 15, 2020 at 3:45pm

                                    ok well I guess since the GUI and Mongo both show all members of a board as isAdmin in board and user collections and we still have a difference in behavior on deletions, and I cannot find anything in mongo that supports that difference in behavior it would appear then only thing I can do is have one member and that member be the owner

                                      • reply
                                      • like

                                      April 16, 2020 at 5:29pm

                                      OK here is something I did not expect.

                                        • reply
                                        • like

                                        I made the owner the user member and I swapped that and made the former owner a member. THe former Owner is the FIRST admin that is created when you first install wekan. And even though the isAdmin true is set in the user collections and the board collections there is somethin special about that first admin

                                          • reply
                                          • like

                                          and as I expected the owner of a board has full deletion rights

                                            • reply
                                            • like

                                            so when you make the system first admin just a member and you make a regular user isAdmin true in both collects the owner.....

                                              • reply
                                              • like

                                              BOTH can delete archive and then both can see the archived boards and restore them or delete them

                                                • reply
                                                • like

                                                I have no idea why the first admin has extended rights. but this is what is happening. I tested back and forth. creating a new board/swimlane/member/list/card set through the api and then using the gui going back with two browsers each logged in as the two users

                                                  • reply
                                                  • like

                                                  What I do not understand is where in Mongo (or other) that those distinctions are saved (that the board owner is special,) (that the first admin in the system is special)

                                                    • reply
                                                    • like