Plugins Directory » External Staff Control
|
|
Author: | Florian Stoffregen |
|---|---|---|
| Website: | https://www.auxiliary-x.org/external-staff-control-plugin/ | |
| Code repository: | - | |
| Registered on: | 2021-02-04 (about 3 years ago) | |
| Current version: | 1.1.1 | |
| Compatible with: | Redmine 4.2.x, 4.1.x, 4.0.x, 3.4.x | |
| User ratings: |
External Staff Control Plugin - protect your intellectual property¶
The External Staff Control Plugin adds a security layer to your Redmine by classifying users into internal and external staff.
This plugin supports you to prevent external staff to gain access to internal information of your company without your consent.
External users only see projects they are member of. Internal users will experience the same Redmine functionality as they always have without any restrictions.
Features:¶
- handle the access permissions of all users according to the least privilege principle
- access control for projects, issues, wikis, links, issue history, news, activities, etc.
- access violations are reported in your Redmine logfile
- Dead links are rendered as restricted links
General resource visibility comparison (external vs internal user)¶
| The illustration on the right provides a general overview of the difference in resource visibility between an external and internal user. The visibility restrictions for external users apply for all resources in the respective projects. |  |
Internal & External Staff Configuration¶
| Fully control the permissions of your internal and external staff. The plugin follows the least privilege principle to protect your assets. Every new user in your Redmine gets the status "external staff". As soon as you classify a user as "internal staff", the user gets access to all public projects. |  |
Protect sensible projects¶
| URL crawling is prevented by redirecting unauthorized access (403) warnings to a resource not available (404) notification. This prevents that the existence of certain projects will be revealed by simply crawling through possible project names or iterating the issue counter. |  |
Project overview comparison (internal vs. external staff)¶
| Internal Staff | External Staff |
|---|---|
 |
 |
External users only see projects they are member of. Internal users will experience the same Redmine functionality as they always have without any restrictions.
Issue rendering comparison (internal vs. external staff)¶
| Internal Staff | External Staff |
|---|---|
 |
 |
External users only see information related to the project they are a member of. Items which link to information of a project inaccessible to the external user, history entries, a related issue list item, wiki page links, issue links, etc., are hidden by the External Staff Control Plugin.
Changelog
1.1.1 (2021-12-01)
Compatible with Redmine 4.2.x, 4.1.x, 4.0.x, 3.4.x.
Bug fix for textile rendering in Redmine 4.2.2.stable.
Bug fix for migration process (Rails 4.2).
1.1.0 (2021-06-24)
Compatible with Redmine 4.2.x, 4.1.x, 4.0.x, 3.4.x.
Simplified installation process across all compatible Redmine versions.
1.0.0 (2021-02-04)
Compatible with Redmine 4.1.x, 4.0.x, 3.4.x.