Project

General

Profile

Actions

Feature #96672

open

Make the user TSconfig of non-admins debuggable in the backend

Added by Lina Wolf over 2 years ago. Updated over 2 years ago.

Status:
New
Priority:
Should have
Assignee:
-
Category:
-
Target version:
-
Start date:
2022-01-29
Due date:
% Done:

0%

Estimated time:
PHP Version:
Tags:
Complexity:
Sprint Focus:

Description

Currently the final User TS config of the currently logged in user can be viewed and debugged in the module

System > Configuration > $GLOBALS['BE_USER']->getTSConfig() (User TSconfig)

However this being a System module it cannot be accessed by non-admins.

It is therefore not possible to view or debug the User TS config of non-admins.

I would therefore suggest to move this action into the info module. Then an admin can simulate a backend user and have a look at the TSconfig of the current user.

A currently logged in user can only see his own pageTSconfig which is revealed to him anyway.

Actions #1

Updated by Georg Ringer over 2 years ago

just as a note: even though the editor can only see the own configuration doesn't mean that this is good from security aspect because this can reveal data which is not to be meant for editors

Actions

Also available in: Atom PDF