Project

General

Profile

Actions
Copy link

Bug #1845

closed

diag_system_pftop 404 not found = cardiac crisis

Added by Franck Bourdonnec about 14 years ago. Updated about 13 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
Web Interface
Target version:
-
Start date:
09/06/2011
Due date:
% Done:

100%

Estimated time:
1.00 h
Plus Target Version:
Release Notes:
Affected Version:
2.0
Affected Architecture:

Description

Hello,
after day and day of tuning/discovering, I had tried the user/group settings to build a person able to consult some log page/status page of pfsense.
since first day disabled admin, created another user in admin group, ok
today created group with some page:
  • webcfg-Diagnostics-log-*
  • webcfg-Status-(cpuload,dhcp lease,rrd graph,ntp)

And what a surprise while trying with the test user: 404 not found diag_system_pftop immediatly! Nothing else. Don't do that please ;-)
Imagine yourself with your new production firewall dead !

Please make lighttpd able to read an explanation page.

Version is RC3 updated september 5. (built on Fri Sep 2 14:29:10 EDT 2011 )

Franck

Actions
Copy link
 #1

Updated by Chris Buechler about 14 years ago

  • Status changed from New to Feedback
  • Priority changed from Urgent to Normal
  • Target version deleted (2.0)

not sure what you're referring to

Actions
Copy link
 #2

Updated by Franck Bourdonnec about 14 years ago

menu system/user/manager

add a group
fix a few status/logs page among all proposed priviledges
create a user
add it to the group
log with that user and see 404 and nothing else.

Actions
Copy link
 #3

Updated by Jim Pingle about 14 years ago

  • % Done changed from 0 to 100
Actions
Copy link
 #4

Updated by Jim Pingle about 14 years ago

Actions
Copy link
 #5

Updated by Jim Pingle about 14 years ago

The privilege system will redirect the user to whichever page is listed first in their permissions (which they are allowed to access). Because the system activity page's match parameter didn't point to an actual page, but a glob, it failed to redirect. Should be OK tomorrow.

In the future, if you give a user the 'dashboard' permission that will always come first so they would always land on the index page.

Actions
Copy link
 #6

Updated by Franck Bourdonnec about 14 years ago

yes, I have added the 'dashboard' as small fixe, because all other unauthorized pages goes to 404.
In future release, consider 'graying' the menus perhaps.

Thank for fixing it.

Actions
Copy link
 #7

Updated by Jim Pingle about 13 years ago

  • Status changed from Feedback to Resolved
Actions
Copy link

Also available in: Atom PDF