I am currently configuring Xibo 3.0.3 through Docker as a management platform for different users and screens. The hierarchical structure is like this:
Admin
– User group
---- Users (Owning multiple displays, layouts and media)
Each user can edit it’s own displays, layouts and media. So far everything is working fine.
But by setting the permissions, users can see other users, in this case, this means that a client can see a complete list of our registered Xibo clients on the Designs and Media page.
Is it possible to block all search views and filters for users? So they can’t see other users registered under Xibo?
I have been reading in another topic a similar problem, but in the solution they refer to a file which I do not have on my system, I imagine it is due to the installation through Docker. They talk about modifying some lines of this file:
/lib/app/permissionmanager.class.php
Hi, firstly we would strongly suggest that you do not multi-tenant Xibo like you have. It would be far better, and our recommendation, that you have a separate CMS installation per organisation to completely guarantee that each organisation would only see and access their own things.
With regards to Users seeing other users, there is an issue identified and recorded here: