• Recent
  • Unsolved
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Register
  • Login
  • Recent
  • Unsolved
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Register
  • Login

RBAC functionality

Scheduled Pinned Locked Moved
Feature Request
3
11
993
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • S
    Sebastian Roth Moderator
    last edited by Mar 8, 2019, 7:39 AM

    @The-Dealman Do you mean image machines directly from the PXE boot menu?

    Have you had a look at the accesscontrol plugin yet?

    Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

    Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

    T 1 Reply Last reply Mar 8, 2019, 10:50 PM Reply Quote 0
    • T
      The Dealman @Sebastian Roth
      last edited by Mar 8, 2019, 10:50 PM

      @Sebastian-Roth Nope. I didn’t know one existed, where is this located?

      Fog 1.5.9 running currently on all servers

      1 Reply Last reply Reply Quote 0
      • S
        Sebastian Roth Moderator
        last edited by Mar 9, 2019, 7:10 AM

        @The-Dealman Enable the FOG Plugin system in web UI -> FOG Configuration -> FOG Settings -> Plugins -> Enable the plugin system. Then in the plugins area (new icon in the top menu after reloading the page) enable and install the accesscontrol plugin. If you search the forums, you can find a couple examples of it’s usage.

        As yo have not answered my first question I am not exactly sure if this will match your needs. But give it a try, doesn’t hurt.

        Which version of FOG do you use?

        Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

        Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

        T 2 Replies Last reply Mar 10, 2019, 1:07 AM Reply Quote 0
        • T
          The Dealman @Sebastian Roth
          last edited by Mar 10, 2019, 1:07 AM

          @Sebastian-Roth I’m using 1.5.5 of FOG on all servers.

          Fog 1.5.9 running currently on all servers

          1 Reply Last reply Reply Quote 0
          • T
            The Dealman @Sebastian Roth
            last edited by The Dealman Mar 12, 2019, 9:37 PM Mar 13, 2019, 3:31 AM

            @Sebastian-Roth I was able to locate this but it’s kinda hard to tell where you are when you drill down into the role and you want to modify rules. Once I jump into the rules I can’t tell if i’m looking at the rules for just the role I created or if it’s all the default rules for all the roles, it feels like it should be some sort of bread crumb trail on the UI to indicate where you are at the time. Also I deleted the printers from the access control rules main menu as a test and it still shows up at the top menu bar, we are suppose to delete the access control rules we don’t want to show up right?

            Fog 1.5.9 running currently on all servers

            F 1 Reply Last reply Mar 13, 2019, 12:31 PM Reply Quote 0
            • S
              Sebastian Roth Moderator
              last edited by Mar 13, 2019, 7:34 AM

              @Fernando-Gietz would be the one to ask. He knows the plugin best!

              Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

              Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

              1 Reply Last reply Reply Quote 0
              • F
                Fernando Gietz Developer @The Dealman
                last edited by Fernando Gietz Mar 13, 2019, 6:36 AM Mar 13, 2019, 12:24 PM

                @The-Dealman said in RBAC functionality:

                It would be great if we had some sort of RBAC functionality built into fog, it doesn’t need to be anything complex. My use case is that I have central office IT staff that will have full access to fog, but I have computer technicians at schools that I only want to be able to image computers and not to have access to the web interface. Can this be done?

                The AccessControl plugin limits the access to the icons in the WebUI. With this plugin you can define which icons do you want to see in the menu bar and submenus.

                You can define roles and rules:

                • The roles are group of person, is a 1:N relationship. One role can have N persons but one person can be only in one role.
                • The rules define the restrictions, what icons and submenus are not showed by the webui. The rules are asigned to the roles and one rule can be asigned to one or more roles, and viceversa.

                With this, you can limit the access to the technicians to, for example, dashboard (is mandatory, if you add this rule the webui crashs), hosts, groups, images, snapin, tasks and logout. The technicioans don’t have access to the FOG configuration menus or storage nodes.

                If you use this AccessControl Plugin with Site plugin, you can restrinct the access to the computers. With Site plugin you can asign computers to one Site and assign user to one site or sites, in this way the plugin create a realtionship User -> Site -> Computer. From the User tab you can restrinct the access to one user only to the computers that are in his/her site or sites.

                1 Reply Last reply Reply Quote 0
                • F
                  Fernando Gietz Developer @The Dealman
                  last edited by Mar 13, 2019, 12:31 PM

                  @The-Dealman said in RBAC functionality:

                  @Sebastian-Roth I was able to locate this but it’s kinda hard to tell where you are when you drill down into the role and you want to modify rules. Once I jump into the rules I can’t tell if i’m looking at the rules for just the role I created or if it’s all the default rules for all the roles, it feels like it should be some sort of bread crumb trail on the UI to indicate where you are at the time. Also I deleted the printers from the access control rules main menu as a test and it still shows up at the top menu bar, we are suppose to delete the access control rules we don’t want to show up right?

                  Sometimes occurs this XD, the problem in this case, I think but I am not very sure, is the order that the events run. One event “paint” the icon and another one “erase” it. The AccessControl plugin “erases” icons but if the “erase” event happens before the “paint” event, the icon appears in the webui XD. Try to add another rule and is probably that the icon desappears.

                  T 2 Replies Last reply Mar 13, 2019, 1:27 PM Reply Quote 0
                  • T
                    The Dealman @Fernando Gietz
                    last edited by Mar 13, 2019, 1:27 PM

                    @Fernando-Gietz Okay i’ll give it a try and report back once i get to the office today.

                    Fog 1.5.9 running currently on all servers

                    1 Reply Last reply Reply Quote 0
                    • T
                      The Dealman @Fernando Gietz
                      last edited by Mar 13, 2019, 6:42 PM

                      @Fernando-Gietz Okay I got it working. You guys are awesome keep it up!

                      Fog 1.5.9 running currently on all servers

                      1 Reply Last reply Reply Quote 0
                      • 1 / 1
                      1 / 1
                      • First post
                        11/11
                        Last post

                      169

                      Online

                      12.0k

                      Users

                      17.3k

                      Topics

                      155.2k

                      Posts
                      Copyright © 2012-2024 FOG Project