Unable to access "System: Authentication servers" if "WebCfg - System: User Password Manager" is set
It seems that defining permission page-system-usermanager-passwordmg completely blocks users from accessing to the Authentication servers page of the user manager.
Steps for reproducing the issue :
- Create an user. Assign WebCfg - System: Authentication Servers , WebCfg - System: User Password Manager and WebCfg - Dashboard (all) to it. (WebCfg - Dashboard is not necessary, but it's better to have this permission for accessing the home page of pfSense)
- Log in as this user and try to access Authentication Servers page in the user manager.
- Enjoy :
It seems that I can still access this page by entering the correct url,
It's not a permission issue, rater a menu issue ("User Password" should display a menu showing "Authentication Servers" page).
#2 Updated by Jim Pingle about 1 year ago
- Affected Version changed from 2.4.x to All
- Affected Architecture All added
- Affected Architecture deleted (
That page is hidden on purpose. You should only give users that permission if they do not have access to the user management page.
If a user can access the user manager, that page is not necessary.
This feels more like a user error with permission management to me.
We can work around that with changes similar to the PR, but the PR needs a change or two. Will leave comments there.