Restrict Editor Access to Journal & Website Settings but Allow Access to "Users & Roles"

Software Support
1

I am currently using OJS 3.5.0-1 and would like to request guidance on a role-based permission customization.

Current Roles:

  • Journal Manager

  • Editor

Current Situation:

Both the Editor and the Journal Manager can:

  • Access Settings > Journal and Settings > Website

  • Access Users & Roles (including “Login As” functionality)

Desired Outcome:

I want to restrict the Editor role so that:

  • :cross_mark: Cannot access Settings > Journal

  • :cross_mark: Cannot access Settings > Website

  • :white_check_mark: Can access Users & Roles

  • :white_check_mark: Can use “Login As” functionality

Essentially, I want Editors to have partial administrative access, focused only on user management, without permission to change journal or website configurations.

Question:

Is there a way to achieve this customization through the UI, roles/permissions config, or via a plugin or code modification?

Any help, example code, or plugin recommendations would be appreciated.

2

Hi @esciencepress,

You can edit the role setting to some degree in the roles settings:

https://docs.pkp.sfu.ca/learning-ojs/journal-managers/en/users#permissions-roles

But that is largely based on limiting roles’ access to certain stages. Customizing roles in the manner that you’ve described would likely have to be done through modification of the codebase or through a plugin. Or possibly a combination of the two. To my knowledge, there is not a plugin that does that specifically (FYI: for a list of some of the most plugins, please see here: https://docs.pkp.sfu.ca/plugin-inventory/en/)

As to customizing the codebase, please note that while feasible, it does come with certain risks, as code customizations can create complications when it comes to upgrade, as it may potentially introduce incompatibilities, so we always urge caution around this.

If you are interested in developing a plugin, and have the means to do so, I would recommend checking out our technical documentation, and the plugin development guide in particular: https://docs.pkp.sfu.ca/dev/

-Roger

PKP Team

3

Hi @esciencepress,

This would be tricky to incorporate safely. If you grant access to the Users & Roles toolset, then you create a possibility that they would be able to grant themselves or another user access to a role that permits settings changes to be made.

Regards,
Alec Smecher
Public Knowledge Project Team

1 Like
4

Thank you. Is there any way thay I remove buttons from the interface please?

5

Hi @esciencepress,

That depends on what you want to do. Can you describe in a bit more detail?

Thanks,
Alec Smecher
Public Knowledge Project Team

6

Hello @asmecher

I believe that in version 2.4.8, journal editors could only access submissions and issues (not settings: journal, website, etc.). In OJS-3.3, the journal editor role doesn’t even exist. Is there a way to restrict editor access to only submissions and issues by modifying the codebase? I’ve been analyzing pages/management/ManagementHandler.inc.php, but I can’t figure it out.

Sincerely,

juan

7

Hi @Jcardo,

Regarding your question about restricting editor access so that they can only view submissions and issues — yes, it is possible. As you mentioned that you are currently using OJS version 3.3, you can achieve this by installing the Journal Editor Restriction Plugin available in the Plugin Gallery.

gambar
gambar940×158 6.64 KB

Hopefully this can be your solution

Regards,
Almadani

1 Like
8

Hi @Muhammad_Al_Madani,

Thanks, it works perfectly.

Regards