Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Cockpit: simple user can access some configuration #5944

Closed
federicoballarini opened this issue Nov 21, 2019 · 1 comment
Closed

Cockpit: simple user can access some configuration #5944

federicoballarini opened this issue Nov 21, 2019 · 1 comment
Labels

Comments

@federicoballarini
Copy link

@federicoballarini federicoballarini commented Nov 21, 2019

A simple user (with shell access) can access some configuration (but not modify) like Ejabberd, by left applications shortcuts. By clicking shortcut user can access application: some app returns error, some others returns the configuration (not editable).

Proposed solution

Best solution can be to hide shortcut if user do not have permission to access application.

Alternative solutions

An alternative solution can be to unify all applications returning identical error.

See also

Three examples:

  • ejabberd: returns visible config page, but if user try to modify get error
  • antivirus: returns reading config error
  • web server dashboard: loading loop

Note that into Applications list user can't see these applications.
In Applications list are missing public applications as Webtop, Roundcube, Nextcloud: to complete work we can add also it in list, without right control menu.

@DavidePrincipi DavidePrincipi added this to ⚙ Developing in NethServer 7 Nov 21, 2019
@DavidePrincipi DavidePrincipi moved this from ⚙ Developing to ✋ Needs review in NethServer 7 Nov 21, 2019
@gsanchietti

This comment has been minimized.

Copy link
Member

@gsanchietti gsanchietti commented Nov 25, 2019

The application shortcuts come from a template and can't be changed on the user login.
Reworking how the user can access non-delegated apps requires a big effort without a real outcome.

The user accessing the non-delegated application can't edit the configuration, this is the important thing.
If you want to hide the access to a non-delegated application, just do not add it as a shortcut.

I'm going to close this feature request as wontfix, feel free to promote such discussion on community forum.

@gsanchietti gsanchietti added the wontfix label Nov 25, 2019
NethServer 7 automation moved this from ✋ Needs review to 🗑 Done Nov 25, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
NethServer 7
🗑 Done
2 participants
You can’t perform that action at this time.