You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Today, Cacti supports the 'Permissive' and the 'Restrictive' permission algorithms for determining access to a Graph and other objects. However, on larger systems, it may be more practical to overlay another set of permission algorithms. The algorithms include:
Device Based
Graph Template Based
These two new permission algorithms will provide more options for administrators of large Cacti installs that will result in improved performance.
The Device Based permission states that the user needs only access to the Device in order to access the Graph or optionally just the Graph itself.
The Graph Template Based permission states that the user needs only access to the Graph Template in order to access the Graph or optionally just the Graph itself.
Expected behavior
More flexible Cacti performance options.
The text was updated successfully, but these errors were encountered:
#4578, #4574
-security#4576: Stored XSS Issue in Cacti Device, Graph, Graph Template, and Graph Items callbacks
-security#4579: Cacti account lockout policies are not properly applied to LDAP and Domain Users
-issue#4573: The Cacti permission system does not scale to very large installations
-issue#4575: When you delete a user, their 'remember me' cookie data is not automatically removed
-issue#4576: Stored XSS Issue in Cacti Device, Graph, Graph Template, and Graph Items callbacks
-issue#4577: Cacti allows you to disable the currently logged in administrator disabling the user
-issue#4578: The Cacti login algorithm is complicated to understand due to too much strait line code
-feature#4574: Cacti needs some additional permission methods for larger installations
This change properly documents the file lib/auth.php using phpDocument format, and performed multiple sanity and readability changes such as the renaming of variables commonly used in multiple functions.
The the restructuring of the three authentication files:
- auth_login.php
- include/auth.php
- lib/auth.php
Makes the code more readable, it's not a complete solution, however, it is much easier to follow now.
netniV
changed the title
Cacti needs some additional permission methods for larger installations
On larger systems, permissions may need alternative methods
Apr 3, 2022
Describe the bug
Today, Cacti supports the 'Permissive' and the 'Restrictive' permission algorithms for determining access to a Graph and other objects. However, on larger systems, it may be more practical to overlay another set of permission algorithms. The algorithms include:
These two new permission algorithms will provide more options for administrators of large Cacti installs that will result in improved performance.
The Device Based permission states that the user needs only access to the Device in order to access the Graph or optionally just the Graph itself.
The Graph Template Based permission states that the user needs only access to the Graph Template in order to access the Graph or optionally just the Graph itself.
Expected behavior
More flexible Cacti performance options.
The text was updated successfully, but these errors were encountered: