Bug #5063
closed
OpenVPN Client Export Utility not accessable in WebGUI /w group permissions set
0%
Description
It isn't possible to open the OpenVPN Client Export page via the WebGUI, if group permission is set to "WebCfg - OpenVPN: Client Export Utility" only. You have to give rights to "WebCfg - OpenVPN: Server page", too, but this is not what we would expect.
Updated by Jim Pingle over 8 years ago
- Status changed from New to Not a Bug
This doesn't seem to be true as far as I can tell. I created an account, assigned it only the privilege for the export package, and then on login it loaded the page OK. The export page is a sub-tab of the OpenVPN collection of pages, so it will not be possible to navigate by menu to it without having access to the server page. However, loading the page directly does work which means the privilege is working as expected.
Updated by Peter Allgeyer over 8 years ago
If no bug, then please change to feature. I think it's very helpful for restricted local users not only to be able to change their password but also to able to easily get their profile and or software for remote access w/o knowing the full URL. There's code in fbegin.inc for having a menu in WebGUI for the local user password changing process:
---< schnipp >----
if (!isAllowedPage("system_usermanager.php*"))
$system_menu[] = array(gettext("User Manager"), "/system_usermanager_passwordmg.php");
else
$system_menu[] = array(gettext("User Manager"), "/system_usermanager.php");
---< schnapp >----
Same thing could be done for OpenVPN: Client Export Utility:
Change this line:
$vpn_menu[] = array(gettext("OpenVPN"), "/vpn_openvpn_server.php");
to:
if (!isAllowedPage("vpn_openvpn_server.php*") && isAllowedPage("vpn_openvpn_export.php*"))
$vpn_menu[] = array(gettext("OpenVPN"), "/vpn_openvpn_export.php");
else
$vpn_menu[] = array(gettext("OpenVPN"), "/vpn_openvpn_server.php");