Access Control Plugin assigning users fails
-
FOG 1.5.5
I have created two technician roles. I have assigned only three rules to this particular role. When adding a FOG user to the membership for this role it is never added. The user still can see everything as if an admin in FOG.
Is this part of the plugins failing to work in FOG 1.5.5 or is this a separate issue?
-
@quinniedid rules work opposite to how you’re thinking. The rules you want blocked should be associated to the role. Rules you want access to for the role should NOT be associated to the role.
-
Hi @quinniedid ,
I have this plugin installed in 1.5.5 and works fine.
The users, are local? Did you create them?
Are you ussing LDAP plugin too?
Which rules are you using? -
Hi @Fernando-Gietz ,
All of these users are local. We did create a user called “optimus”
I created a new roll call Technician - Optimus.
These are the rules that I have created for the roll so far:
MAIN_MENU-about about main
MAIN_MENU-host host main
SUB_MENULINK-actice active menu taskI am thinking there is actually something wrong with maybe the database that contains the rules? When I go to the access control plugin I click on list all rules, the rules that show up in that list are not the same as the ones that are available to add to the role for rule association.
I would upload screenshot but for some reason I am not able to right now. I select the select the user to add but no action is taken it seems. I will have to try a different browser or computer.
-
Is it because of the spaces in the role name? How can I verify the database to ensure it is not corrupted?
-
@quinniedid I don know but is easy to check it
don t use spaces in one role. You can see the entries in the database in the rule* and role* tables -
When I add the optimus user I see this in the table:
The issue is that optimus still acts like a full admin even though no rules are associated.
I have removed the plugin and reinstalled it and I am continuing to have the same behavior… Any ideas?
-
@quinniedid rules work opposite to how you’re thinking. The rules you want blocked should be associated to the role. Rules you want access to for the role should NOT be associated to the role.
-
Okay. That makes a lot more sense. It is working just fine. I appreciate the clarification.
Is there any documentation on rule creation? I only want the user to have access to specific hosts and groups?
-
Hi @quinniedid ,
In this post you can find info about how works and how create rules in this plugin.
https://forums.fogproject.org/topic/9624/control-access-plugin/14
With this plugin you can restrict the access to the menus and submenus but not to specific host and groups. To do this maybe you can use the Site plugin but, unfortunately, this plugin doesn’t work with the 1.5.5 version. I am working to fix the bugs.
