As an admin I do not want my users to see all users on the platform

Hi all,
Is it possible to hide the list of users? If I move to the Users section, the user can see the list of users and their mails.
i.e.
If my company has 100 employees, I wouldn’t want other users to view the entire list.

Many thanks in advance
Pietro

Q5. Community support
People can vote for this idea to show traction:

  • :ok_woman: Must have: this is critical for me to have this
  • :raising_hand_woman: Should have: this is important for me to have this
  • :tipping_hand_woman: Could have: this could be nice to have
  • :no_good_woman: Won’t have: we should not schedule this (explain why)
0 voters
2 Likes

@agilex at the moment it is not possible. Can you explain in your case what kind of users they should see? For example only the users of groups they are member of would work?

Hi @remy, thanks for your response.
I do not understand why users should see this list ?! … the number of employees could be confidential information. :anguished:

It could be ok if users could view only the administrator in the list, so as to share the credentials.

The problem is that we have about 70 employees, and seeing them all in the list is not optimal. :disappointed:

Maybe I could try to put users in single groups? example 1/1, a group for each user?

Thanks so much for your further support
Pietro

I do not understand why users should see this list ?!

This is to enable sharing entries. People need to be able to see their details and public key for verification.

Maybe I could try to put users in single groups? example 1/1, a group for each user?

I don’t see how this would solve your problem.

What I was suggesting is a setting where regular users could only see the other users that are part of a group they are a member of. If they are not part of any group they won’t see anybody. That’s one example of a solution.

Another solution would just be to remove the link to the “users” workspace for non-admin users. People will still be able to share but they won’t see the workspace. Another would be just to hide all users except admin, as you are suggesting.

If other users are requesting this feature we can consider it. You are the first to complain of this, but maybe more people are in your case.

@remy thank you very much for your suggestions. I wondered whether I can apply the second option (i.e. remove the link “users”) via configuration, or whether I have to customize the application with a software modification?

Thank you in advance
Pietro

Hi @remy ,

I tried this configuration but unfortunately it doesn’t change anything.
The user (only in the group) keeps seeing all the users present in the “users” area.
I add that the user in the group can share passwords with all users of the system, disregarding the presence of the group, inside there is himself and an administrator.

These steps:

  1. Created Group
  2. added administrator and a normal user
  3. connected with the ‘normal’ user I continue to see all users

What am I doing wrong ?
Thank you so much for the support

Ciao
Pietro

@agilex this config does not exist yet. It was a proposal for a future solution.

I fully agree with this idea; another solution would be to mark a user as a guest.
Guests cannot see any other user.
As an example, the guest would be a customer; passbolt could be an optimal solution to share passwords with your customers.
If you set up network devices, websites, etc. for your customer, then you could give them all passwords in one place.

Maybe an admin can add a poll on this? :slight_smile:

I do agree with this.

Use case : We use a password manager with our customers so that they can share their credentials to our tech team.

We want them to share credentials either :

  • with pre-authorized groups.
  • using an e-mail address of another user they got privately.

But they shouldn’t be able to see other customers’ or staff information automatically suggested.
Especially not their private information like name or e-mail address.
Nor share to the wrong group/person by accident because they selected the wrong recipient in a suggestion list.

LP does this well: you have to know the e-mail of the person you want to share with - no suggestions from the entire user database when you type (the only suggestions you get are people you already shared something with in the past).

I agree it would be beneficial to have guests, or read-only users. If a user is read-only, the user can only receive “can-read” passwords, and cannot share any passwords, thus does not need the user list.

1 Like

Hello! I think the suggestion “Another solution would just be to remove the link to the “users” workspace for non-admin users” would solve it for most of the use cases presented and would hopefully be an easy change?

Edit: On reflection, that’s not enough. Could a setting be added to the user object, ‘Enable sharing’? By default it is on, but if removed the user could not see the user list or share any of their passwords (hence not have to see the user list). This is a show stopper for us using the system.

just remembering an important topic

My vote is “Must Have”!

Hi all, I also agree on this topic. No one should see all users. Only the admin.

The number of user accounts is something confidential for the admin.

Please advise…

Thanks

This can now be controlled via RBAC since v4.1.0.

Check out this blog article for an overview of the feature.

Hi there,

Thank you for this. I’m going to plan it asap. Cool!

1 Like

Good day!

I’m poking sticks at passbolt to see what it’s all about. In the RBAC settings, I set “Can see users workspace” for User to “Deny”. “Users” no longer have “users” as an option in the menu, but if you add “/app/users” to the URL the “Users” page displays normally for users even though they’re not supposed to have access. It appears that this toggle doesn’t actually have an actual permissions enforcement but is simply a UI tweak of removing a menu item.

I’m running 4.4.2 on an Ubuntu 22.04 server.

Is this expected behavior as of version 4.4.2 or have I inadvertently done something horribly wrong?

Thanks!

Hey @bluecrow76,

This is expected. For the initial version of RBAC, we just hide UI actions. In upcoming versions we will improve it to add more permission checks on the API side also.

3 Likes
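
The gap described in the last two posts (a denied menu entry that is still served when the URL is requested directly), as an added example that is not part of the thread and is not passbolt code. It is a toy model: the action names, the `/app/passwords` route, the handlers and the directory data are all constructed for illustration; only `/app/users` and the "Deny" setting come from the thread.

```javascript
// Toy model (hypothetical names throughout, not passbolt's implementation).
const rbac = {
  admin: { "passwords.workspace": "Allow", "users.workspace": "Allow" },
  user:  { "passwords.workspace": "Allow", "users.workspace": "Deny" },
};

// Constructed sample data standing in for the user directory.
const directory = [
  { name: "Ada Example", email: "ada@example.test" },
  { name: "Bob Example", email: "bob@example.test" },
];

const pages = {
  "/app/passwords": { action: "passwords.workspace", body: [] },
  "/app/users":     { action: "users.workspace",     body: directory },
};

function can(role, action) {
  return (rbac[role] || {})[action] === "Allow";
}

// UI layer: a "Deny" only removes the link from the menu.
function menuFor(role) {
  return Object.keys(pages).filter((p) => can(role, pages[p].action));
}

// Behaviour reported in the thread: the request handler never consults RBAC.
function handleUiOnly(role, path) {
  const page = pages[path];
  return page ? { status: 200, body: page.body } : { status: 404, body: [] };
}

// Same route with the decision repeated on the server side.
function handleEnforced(role, path) {
  const page = pages[path];
  if (!page) return { status: 404, body: [] };
  if (!can(role, page.action)) return { status: 403, body: [] };
  return { status: 200, body: page.body };
}

// Regression check for admins and testers: every page missing from a
// role's menu must also be refused when requested directly.
function hiddenButReachable(handler, role) {
  const menu = menuFor(role);
  return Object.keys(pages).filter(
    (p) => !menu.includes(p) && handler(role, p).status === 200
  );
}
```

Running `hiddenButReachable` against both handlers for the `user` role shows the difference: the UI-only handler leaks `/app/users`, the enforced one leaks nothing.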