Project

General

Profile

Actions

Bug #5063

closed

OpenVPN Client Export Utility not accessable in WebGUI /w group permissions set

Added by Peter Allgeyer over 9 years ago. Updated over 9 years ago.

Status:
Not a Bug
Priority:
Normal
Assignee:
-
Category:
OpenVPN Client Export
Target version:
-
Start date:
09/01/2015
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Affected Version:
2.2.4
Affected Plus Version:
Affected Architecture:

Description

It isn't possible to open the OpenVPN Client Export page via the WebGUI, if group permission is set to "WebCfg - OpenVPN: Client Export Utility" only. You have to give rights to "WebCfg - OpenVPN: Server page", too, but this is not what we would expect.

Actions #1

Updated by Jim Pingle over 9 years ago

  • Status changed from New to Not a Bug

This doesn't seem to be true as far as I can tell. I created an account, assigned it only the privilege for the export package, and then on login it loaded the page OK. The export page is a sub-tab of the OpenVPN collection of pages, so it will not be possible to navigate by menu to it without having access to the server page. However, loading the page directly does work which means the privilege is working as expected.

Actions #2

Updated by Peter Allgeyer over 9 years ago

If no bug, then please change to feature. I think it's very helpful for restricted local users not only to be able to change their password but also to able to easily get their profile and or software for remote access w/o knowing the full URL. There's code in fbegin.inc for having a menu in WebGUI for the local user password changing process:

---< schnipp >----
if (!isAllowedPage("system_usermanager.php*"))
$system_menu[] = array(gettext("User Manager"), "/system_usermanager_passwordmg.php");
else
$system_menu[] = array(gettext("User Manager"), "/system_usermanager.php");
---< schnapp >----

Same thing could be done for OpenVPN: Client Export Utility:

Change this line:
$vpn_menu[] = array(gettext("OpenVPN"), "/vpn_openvpn_server.php");

to:
if (!isAllowedPage("vpn_openvpn_server.php*") && isAllowedPage("vpn_openvpn_export.php*"))
$vpn_menu[] = array(gettext("OpenVPN"), "/vpn_openvpn_export.php");
else
$vpn_menu[] = array(gettext("OpenVPN"), "/vpn_openvpn_server.php");

Actions

Also available in: Atom PDF