cacti icon indicating copy to clipboard operation
cacti copied to clipboard
verified publisher icon Cacti

Add granularity to Console Permissions

Open seanmancini opened this issue 2 years ago • 7 comments

Lets add the ability for a non admin user to access the console and view devices but not alter any of the device details

user should be able to view the devices page and be able to check the status of said device

seanmancini avatar Oct 10 '23 14:10 seanmancini

Sounds like a reasonable request. This will go as a minimum 1.3 item.

netniV avatar Oct 15 '23 09:10 netniV

@seanmancini you need only devices or more things from console? If you need only display hosts, easy way is make the same thing like clog for admin and normal users - no console menu, only new tab "Devices" with list of your devices and read-only device detail.
@netniV , @TheWitness What doy you think?

xmacan avatar Feb 28 '24 15:02 xmacan

Yea that was my thinking

On Wed, Feb 28, 2024 at 10:59 AM Petr Macek @.***> wrote:

@seanmancini https://github.com/seanmancini you need only devices or more things from console? If you need only display hosts, easy way is make the same thing like clog for admin and normal users - no console menu, only new tab "Devices" with list of your devices and read-only device detail. @netniV https://github.com/netniV , @TheWitness https://github.com/TheWitness What doy you think?

— Reply to this email directly, view it on GitHub https://github.com/Cacti/cacti/issues/5526#issuecomment-1969297786, or unsubscribe https://github.com/notifications/unsubscribe-auth/ADGEXTFERPSSXBPKGQAAI3LYV5H7RAVCNFSM6AAAAAA52PGU2SVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTSNRZGI4TONZYGY . You are receiving this because you are subscribed to this thread.Message ID: @.***>

-- Thank you

Sean Mancini,(Six Sigma LBBIT®, ITIL,CEA-IT®,SCRUM SMPC®) Owner/Principal Engineer www.seanmancini.com

“Companies spend millions of dollars on firewalls, encryption, and secure access devices, and it’s money wasted because none of these measures address the weakest link in the security chain.”

– Kevin Mitnick

bmfmancini avatar Feb 28 '24 16:02 bmfmancini

It can be done based upon permissions for sure. Been super busy these days.

TheWitness avatar Feb 29 '24 01:02 TheWitness

I've been thinking about it again. I had an idea of a small console just for reading, but now I think it's unnecessary. What else besides "devices" would a non-admin user be interested in? Probably nothing. Before I start working on it, I'd like to clarify. My idea - I will create a new tab "Devices", where there will be a list of devices that this user has permissions to. It will be read-only. Maybe there will be a detail, few last log messages from log about this device, ... Admin will be able to assign permissions to users to use this tab.

@seanmancini @TheWitness Do you agree?

xmacan avatar Aug 08 '24 19:08 xmacan

Well it's really I mean probably I would think a Site Dashboard with a simple view of what they are allowed to view at the site. Maybe checkout some checkmk dashboards.

TheWitness avatar Aug 09 '24 01:08 TheWitness

Thold already has something like this. But we would do better as I had indicated.

TheWitness avatar Oct 03 '24 15:10 TheWitness