Access Control Plugin assigning users fails

quinniedid · Jan 14, 2019, 4:55 PM

FOG 1.5.5

I have created two technician roles. I have assigned only three rules to this particular role. When adding a FOG user to the membership for this role it is never added. The user still can see everything as if an admin in FOG.

Is this part of the plugins failing to work in FOG 1.5.5 or is this a separate issue?

Tom Elliott · Jan 22, 2019, 9:35 PM

@quinniedid rules work opposite to how you’re thinking. The rules you want blocked should be associated to the role. Rules you want access to for the role should NOT be associated to the role.

Fernando Gietz · Jan 15, 2019, 12:59 PM

Hi @quinniedid ,
I have this plugin installed in 1.5.5 and works fine.
The users, are local? Did you create them?
Are you ussing LDAP plugin too?
Which rules are you using?

quinniedid · Jan 16, 2019, 9:51 AM

Hi @Fernando-Gietz ,

All of these users are local. We did create a user called “optimus”

I created a new roll call Technician - Optimus.

These are the rules that I have created for the roll so far:

MAIN_MENU-about about main
MAIN_MENU-host host main
SUB_MENULINK-actice active menu task

I am thinking there is actually something wrong with maybe the database that contains the rules? When I go to the access control plugin I click on list all rules, the rules that show up in that list are not the same as the ones that are available to add to the role for rule association.

I would upload screenshot but for some reason I am not able to right now. I select the select the user to add but no action is taken it seems. I will have to try a different browser or computer.

quinniedid · Jan 17, 2019, 6:40 PM

@Fernando-Gietz

Is it because of the spaces in the role name? How can I verify the database to ensure it is not corrupted?

Fernando Gietz · Jan 17, 2019, 6:43 PM

@quinniedid I don know but is easy to check it don t use spaces in one role. You can see the entries in the database in the rule* and role* tables

quinniedid · Jan 22, 2019, 9:25 PM

@Fernando-Gietz

When I add the optimus user I see this in the table:

The issue is that optimus still acts like a full admin even though no rules are associated.

I have removed the plugin and reinstalled it and I am continuing to have the same behavior… Any ideas?

Tom Elliott · Jan 22, 2019, 9:35 PM

@quinniedid rules work opposite to how you’re thinking. The rules you want blocked should be associated to the role. Rules you want access to for the role should NOT be associated to the role.

quinniedid · Jan 22, 2019, 9:44 PM

Okay. That makes a lot more sense. It is working just fine. I appreciate the clarification.

Is there any documentation on rule creation? I only want the user to have access to specific hosts and groups?

Fernando Gietz · Jan 23, 2019, 12:09 PM

Hi @quinniedid ,

In this post you can find info about how works and how create rules in this plugin.

https://forums.fogproject.org/topic/9624/control-access-plugin/14

With this plugin you can restrict the access to the menus and submenus but not to specific host and groups. To do this maybe you can use the Site plugin but, unfortunately, this plugin doesn’t work with the 1.5.5 version. I am working to fix the bugs.

Access Control Plugin assigning users fails

159

12.0k

17.3k

155.2k