Jump to content
support

New Permissions Report requested

Recommended Posts

Hi All,

 

One of our customers emailed us with the following feature request, please up vote by adding a +1 if you like this idea:

 

I just found out that the report “What permissions exist for a user?” only includes permissions granted specifically to that user.

We are using lots of groups including AD groups and these permissions are not present in the report.

Our first expectation was that these should be in there because when a user uses passwordstate he gets the both sets of permissions.

We are using this report when somebody leaves the company to see which lists the user had access to, but we’re now missing out on lots of lists which have their permissions assigned via groups.

 

I did find the “What passwords can a user see?” report which does seem to include more information, but it outputs all passwords individually as opposed to outputting the permissions individually.

So it’s a bit of information overload in this report and requires a bunch of steps in excel to group all entries by password list.

Also the report duplicates entries when a user is member of multiple groups and/or has personal permissions assigned.

Would it be an idea to create an “What effective permissions exists for a user” which shows the effective permissions of a user?

So:

  • Permissions assigned to the user
  • Permissions assigned to groups a user is member of
  • Duplicate permissions are merged into 1 entry showing the highest permission (Admin > Modify > View > Guest)

 

 

Regards,

Support.

Share this post


Link to post
Share on other sites

+1

 

13 minutes ago, support said:
  • Duplicate permissions are merged into 1 entry showing the highest permission (Admin > Modify > View > Guest)

 

Duplicates should be displayed, or an option to merge them provided. The report can be useful for cleaning up duplicate permissions.

Share this post


Link to post
Share on other sites

+1

Also it is difficult to understand the situation where a user is duplicated many times when you look at the permission list. For example:

  1. User A has modify permissions for Record A
  2. User A has view permissions for Record B

I will have the same user displayed 3 times: 2 for above permissions, 1 record under the guest column. Perhaps it would be possible to separate such views? One for password list level, second for individual records?

Share this post


Link to post
Share on other sites

Hello Azkabahn,

 

If you are applying permissions to individual Password records, then they user should only ever had Guest access to the Password List. You can then view their actual access to individual records from the 'Actions' menu for those records.

If you are seeing something other than Guest access at the Password List, then they have also been given access to the full Password List, and you might want to spend some time cleaning up this duplication.

Regards

Click Studios

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...