Feature #6176
open
Privilege for OpenVPN Client Export
0%
Description
Hello pfsense dev,
When creating a custom group with only "WebCfg - OpenVPN: Client Export Utility" , there is no dropdown menu in the top taskbar to click OpenVPN.
I have access with the direct link : https://example.com/vpn_openvpn_export.php
If I want to have the Openvpn menu to have access to the export utility, i need to also add the server page "WebCfg - OpenVPN: Server".
Would it be logical to Have a dropdown menu directly for Openvpn, and when clicked it would redirect to the export utility page ?
Also, last thing ... Would it be possible to create another filter with only the "OpenVPN Clients" in the "WebCfg - OpenVPN: Client Export Utility" ?
something like "WebCfg - OpenVPN: Client Export Utility: OpenVPN Client"
Thanks in advance!
Updated by Chris Buechler over 8 years ago
- Tracker changed from Bug to Feature
- Project changed from pfSense to pfSense Packages
- Subject changed from custom user group - openvpn client export utility issue to Privilege for OpenVPN Client Export
- Category changed from Web Interface to OpenVPN Client Export
- Affected Architecture added
- Affected Architecture deleted (
All)
Updated by bearsh bearsh over 8 years ago
it would be very cool to be able to limit access for users to their own client configs. users don't need to have access to the configs of other users...
Updated by Kill Bill about 8 years ago
Alexandre Paradis wrote:
Would it be logical to Have a dropdown menu directly for Openvpn, and when clicked it would redirect to the export utility page ?
Where? In the VPN menu?
Also, last thing ... Would it be possible to create another filter with only the "OpenVPN Clients" in the "WebCfg - OpenVPN: Client Export Utility" ?
Nope, not without spliting that part of the page into a separate PHP file, plus that wouldn't really make much sense without being able to configure the rest of the export aspects.
bearsh bearsh wrote:
it would be very cool to be able to limit access for users to their own client configs. users don't need to have access to the configs of other users...
Uhm. No, not without huge hassle with pfSense user vs. certificate/VPN user mapping.
Updated by Viktor Gurov about 4 years ago
bearsh bearsh wrote:
it would be very cool to be able to limit access for users to their own client configs. users don't need to have access to the configs of other users...
Updated by Jim Pingle about 4 years ago
Adding a per-user privilege so uses can download their own clients is not going to happen (see comments on the PR). This was left open to find a way to address the menu issue for users who have exporter privileges but not privileges for other OpenVPN pages.