Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-50731

Allow sufficiently permissioned users to access other users Browser sessions report

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: 2.9
    • Fix Version/s: None
    • Component/s: Authentication, Reports
    • Labels:
    • Difficulty:
      Easy
    • Affected Branches:
      MOODLE_29_STABLE

      Description

      From a support and administration point of view, it would be very useful if sufficiently authorized users (like admin) could access the Browser session report on the user profile page.

      I don't believe it is really a security issue, as it only exposes: IP address, last access (both of which an admin can get in the logs), the DB record number of the session (in the URL path), and log of sessions.

      I haven't looked through the capabilities list to see if there one that would make sense to tie this to.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              emerrill Eric Merrill
              Participants:
              Component watchers:
              Adrian Greeve, Jake Dallimore, Mathew May, Mihail Geshoski, Peter Dias, Sujith Haridasan, Adrian Greeve, Jake Dallimore, Mathew May, Mihail Geshoski, Peter Dias, Sujith Haridasan
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated: