Hello everyone,
with v15 there ist the new role “Desk User”. I have some problems with the permission of a standard user. Example:
I have a workspace which is only available for certian roles. However as an Desk User (normal System User), you can see the workspace in workspace list.
A) Workspace Role set to only Administrator. (Normal Workspaces do not have any role assigned, Why are they shown anyway to normal user?)
B) Workspace List viewed as normal User (Not Administrator)
C) Also Detail View is possible
However the Workspace wont show up in the sidebar in the standard desk view. But in my imagination, the workspace shouldn´t be available at all to the not Administrator user?
This seems to be possible because of this doc permission:
My go to way would be to delete the workspace permission to the desk user in my app, but I have to questions to this:
-
Will there be some side effects? Is it possible to just “delete” the permission to Desk User
-
Is it possible to delete this from phyton code within the app installation? In my guess I have to change the doctype “Workspace” in the database and change there the “role” column to remove the “Desk User” Entry?
-
Is it intended that way ? Desk User and Role “All” have way to much permission in my opinion. They can see to much. As example: why does the role “all” has the abbility to see “Website Setting”? This leads to show the “Website” Workspace to normal user…
Thanks