coopcycle-web
[USERS] Create new user role → Dispatcher
Greetings from Hamburg to all! We looked into IT security and identified the "export" button in the admin dashboard as a significant risk for data loss. CoopCycle seems to use the administrator role for the dispatcher. I suggest that CoopCycle creates a new role for the dispatcher who cannot export data. Otherwise the export function could be password protected. We need to use the export button only very rarely. What do you think about that?
Just a quick rework of the request:
In order to reduce the danger of too many people having access to admin functionalities the role of dispatcher should be created.
I want to be able to assign the role of dispatcher in order to spread the risk of data leaks and one person kicking everybody out.
Whereas currently
- lots of people have access to download a lot of data. Data that belongs to our customers and has to be protected.
- one person could kick all other administrators out and make the platform unreachable for everybody else.
Do we have an update on the export function?
1/ Create a ROLE_DISPATCHER role in security.yml
https://github.com/coopcycle/coopcycle-web/blob/d41dd8175bf0ea7d566e7cf418e4da47afb180d5/app/config/security.yml#L11-L17
2/ Allow selecting the ROLE_DISPATCHER role in userEditAction
https://github.com/coopcycle/coopcycle-web/blob/master/src/Controller/AdminController.php#L596
3/ When user has the ROLE_DISPATCHER role, hide the "Export" button on the dashboard
https://github.com/coopcycle/coopcycle-web/blob/d41dd8175bf0ea7d566e7cf418e4da47afb180d5/js/app/dashboard/components/Navbar.js#L127-L131
As most dispatch operations are now checked against the ROLE_ADMIN role, probably we need to update a bunch of code that checks against this role... search for ROLE_ADMIN in src/ & app/
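
One way to express steps 1 and 3 on the server side, as an added example that is not CoopCycle's own configuration: a Symfony `security.yml` fragment in which `ROLE_ADMIN` inherits `ROLE_DISPATCHER` and the admin-only areas are matched before the general `/admin` rule. The URL patterns are assumptions, and the export path is a placeholder for the real route.

```yaml
# Added example, not the project's actual security.yml.
# All URL patterns below are assumed; the export path is a placeholder.
security:
    role_hierarchy:
        # Admins inherit everything a dispatcher may do, so a check that is
        # moved from ROLE_ADMIN to ROLE_DISPATCHER does not lock admins out.
        ROLE_ADMIN: [ROLE_DISPATCHER]

    access_control:
        # Symfony evaluates these rules top to bottom and stops at the first
        # path that matches, so the admin-only areas must be listed before
        # the broader ^/admin rule.
        - { path: ^/admin/users, roles: ROLE_ADMIN }
        - { path: ^/admin/settings, roles: ROLE_ADMIN }

        # Hiding the "Export" button in Navbar.js only changes the UI.
        # The export route itself needs a server-side rule; replace the
        # placeholder with the real path.
        - { path: ^/admin/EXPORT_ROUTE_PLACEHOLDER, roles: ROLE_ADMIN }

        # Everything else under /admin (dashboard, task dispatch) is open
        # to dispatchers, and to admins through the hierarchy above.
        - { path: ^/admin, roles: ROLE_DISPATCHER }
```

Checks made in controllers against `ROLE_ADMIN` still apply on top of these path rules, which is why the search through src/ and app/ remains necessary.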

In PR #3546 I took the liberty of adding a redirect similar to the one of admin login, redirecting to the dashboard if the user is a dispatcher. Also on the index page, now, the button for returning to dashboard would also be accessible for the dispatcher.
Looks like line 56 in Action/Task/Assign.php is meant to allow only admin users to reassign a task. Does the dispatcher need to do this too?
Create tag is inside admin/deliveries, which in turn contains a link to admin/settings/tags. What would be a reasonable solution for allowing to create tags with the dispatcher role? I understand almost all other options would have to be disabled.

A more detailed list of restrictions:

| Menu area | Action | dispatcher allowed? |
| --- | --- | --- |
| Dashboard | Add task | yes |
| | Edit task | yes |
| | (Re)assign task | yes |
| | Delete task | yes |
| | Import tasks from file | yes |
| | Export tasks to file | yes, with limits (see below) |
| Orders | | don't know, we don't use this |
| Deliveries – Deliveries tab | Create delivery | yes |
| | Import deliveries | yes |
| | Export deliveries | yes, with limits (see below) |
| | View past deliveries | yes, with limits (see below) |
| Deliveries – Stores | | honestly not sure |
| Deliveries – Pricing | | no |
| Deliveries – Forms | | no |
| Deliveries – Time slots | | no |
| Deliveries – Packages | | no |
| Deliveries – Zones | | no |
| Deliveries – Tags | Create tag | yes |
| | Edit tag | no |
| | Delete tag | no |
| Deliveries – API | | no |
| Deliveries – Vehicles | | no |
| Deliveries – Integrations | | no |
| Shops | | don't know, we don't use this |
| Users | View users | no |
| | Edit user | no |
| | Invite user | yes, but only couriers |
| | Export | no |
| Statistics | | probably not |
| Settings | | no |

@GuidoHaagen Have you guys tried this out in Tricargo? I'd like to confirm that it is working as hoped
@Paul-Eraman-CoopCycle Yes. We are using it and were able to limit the admins to 3 persons.
Last issue about inviting a user directly as dispatcher was solved directly and communicated via Slack.
Can be closed
🥳
:)