Light

alphanodes / redmine_sudo Goto Github PK

View Code? Open in Web Editor NEW

7.0 6.0 1.0 985 KB

Sudo for Redmine - work without administrator permission, and switch to it if needed

Home Page: https://www.redmine.org/plugins/redmine_sudo

License: GNU General Public License v2.0

Ruby 95.84% Slim 4.16%

redmine redmine-plugin sudo administrator permission

redmine_sudo's Introduction

Sudo plugin for Redmine

Features

User can switch to admin permission
User with admininistrator permission can drop admin permission
Multilingual

PROs vs default behavior

No extra user with admin permissions is required. Common use case is, to create a user called "admin" for it and multiple other users use it.

Fast switch between admin permission and default user permission. You just activate it, re-enter your password (if required), work as administrator.

Automatically timeout of working time with admin permission. This can be configured with sudo_mode_timeout. After a specific time period of doing nothing you are automatically logged out as administrator and proceed doing your work with the regular permissions.

Break Redmine default

If a user has to have admin permisson, he has not this permission after login. He/she must switch to it (with top menu toggle) to get it. Redmine sudo-mode is used for time period and requesting password to switch to admin permission.

Redmine Requirements

Redmine version >= 5.0
Redmine Plugin: additionals
Ruby version >= 2.7
Redmine sudo_mode has to be turned on in config/configuration.yml

Installation

Note: all existing admin users will be converted to sudoer (which means, they can switch to admin)

Note2: Make sure you created a backup of your database before install!

Install redmine_sudo plugin for Redmine

cd $REDMINE_ROOT
git clone git://github.com/alphanodes/redmine_sudo.git plugins/redmine_sudo
git clone git://github.com/alphanodes/additionals.git plugins/additionals
bundle install --without development test
bundle exec rake redmine:plugins:migrate RAILS_ENV=production

Restart Redmine (application server) and you should see the plugin show up in the Plugins page.

Uninstall

Note: all existing sudoer users will be converted to admin users.

Uninstall redmine_sudo

cd $REDMINE_ROOT
bundle exec rake redmine:plugins:migrate NAME=redmine_sudo VERSION=0 RAILS_ENV=production
rm -rf plugins/redmine_sudo

Restart Redmine (application server)

Credits

@jbbarth for the idea of this plugin, but a different workflow. You can find his version here: https://github.com/jbbarth/redmine_sudo

Known problems

for api calls admin permissions are temorarily set for sudoer (not to database). This can be some negative side effect for some return values

redmine_sudo's People

Contributors

Stargazers

Watchers

Forkers

redmine_sudo's Issues

interaction with impersonate plugin

Redmine 5.1.0 Debian 12 Postgres 16 PurpleMine2, plugin installs correctly and works correctly but if impersonate plugin is installed https://github.com/nounderline/redmine_impersonate on exit impersonation mode error is returned

F, [2023-12-02T15:38:02.552605 #22286] FATAL -- :
NoMethodError (undefined method delete' for nil:NilClass): plugins/redmine_impersonate/app/controllers/impersonation_controller.rb:38:in destroy'
lib/redmine/sudo_mode.rb:61:in `sudo_mode'

When user is admin: false, sudoer: true, they don't receive admin emails

Noticed that we weren't receiving account activation emails reliably.

Just tracked it down to this plugin. Since the plugin converts everyone from admin to sudoers, except when in "admin mode". Those users don't get the proper admin emails, except if they happen to be admin at the time.

A list of functions that send an email to all admins:

mailer.rb: deliver_settings_updated
users = User.active.where(admin: true).to_a
user.rb: deliver_security_notification
users = User.active.where(admin: true).to_a
mailer.rb: deliver_account_activiation_request
users = User.active.where(:admin => true)

I'm assuming a fix would be to also grab users who are sudoers in these functions, but I'm not sure how to override these functions from the plugin...

something like:

User.where('admin: true OR sudoer: true')

problems installing addons in redmine 5.0.5 from bitnami

Hi,

I hope I'm not bothering you with this problem. I'm having trouble meeting the installation requirements. I need to add the following additional version 3.0.8 to the requirements and enable sudo mode in the configuration.xml file.

When I run the command "sudo bundle exec rake redmine:plugins:migrate RAILS_ENV=production", I receive an error message that says:

"Your Redmine configuration file located at /opt/bitnami/redmine/config/configuration.yml is not a valid YAML file and could not be loaded: (): did not find expected key while parsing a block mapping at line 11 column 1"

Please note that the file is located at /bitnami/redmine/config, and there is a link to its actual location in /opt/bitnami/redmine/config/configuration.yml.

Thank you for your help.

Release new version

Can you please release (create a git tag) a new version?

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.