Control Panel/access/add users/permissions

HelterSkelter · Post by **HelterSkelter** » Fri Dec 30, 2005 1:02 pm

I am once again reaching a critical impass with some of my admins and a few of my supporters. I need to allow them to add maps and restart the server in the event of a crash. I need to do this without giving them the ability to edit files.
Presently it appears that the owner of all the editable files is "ftp" Is it possible to add another ftp user with only limited permissions? If so, that user would be able to add files, but not overwrite files that belong to the user"ftp".

If you could add a tab in the control panel that has only the fields upload files, restart server, view serverlogs etc Basicly any of the functions, or tabs that do not allow a user to edit or view critical info, and allow server opps to add users, it would be a huge help in satisfying my admins while not compromising the server.

Post by **Edge100x** » Fri Dec 30, 2005 1:12 pm

On the FTP user part, I'm not sure if that's possible or not, but our systems aren't currently configured to handle more than one FTP user per server, so it has the potential to break some automated operations if we start to do it.

On our "to do" list right now is the ability to limit which tabs each subuser can view in the control panel. This should satisfy many of your requirements. I do not, however, have an ETA on those changes.

HelterSkelter · Post by **HelterSkelter** » Fri Dec 30, 2005 2:17 pm

the only issue that I can see there is that there are some functions grouped under some tabe that would not allow for any security.
example: if i give access to file manager to upload files, it also shows the ftp info. or if I give access to server control, to allow admins to restart, they also have access to change server dll's and disable VAC2. Wouldnt it be better (easier and more secure) to make one tab for your sub-users and give admins the ability to choose what control functions are added to that tab? Or you as the programmer can decide what functions to add that will not compromise server security.

Post by **Edge100x** » Fri Dec 30, 2005 3:43 pm

Separating every function into its own module would be convenient in a sense, but would require that we recode large chunks of the control panel. Right now we have many tasks that would take priority over a complete CP rewrite, and there is little demand for such a project.

HelterSkelter · Post by **HelterSkelter** » Fri Dec 30, 2005 7:18 pm

I realize that you are very busy, and this ranks prety low on your priority list, but it seems to me that there is very little gain to being able to give access to only certain tabs. I would think the only reason to do this would be to restrict access to potentially damaging functions; however, there are almost no tabs that do not include such functions. After the considerable amount of work it will take for you to modify it as you now plan to do, It will still leave us Server opps with the decision to give all or none type access, unless you can reorganize the current tab content.

HelterSkelter · Post by **HelterSkelter** » Fri Dec 30, 2005 7:27 pm

PS...if you set up the forum in acp to allow users to edit thier posts, i wouldnt have to double post just to wish you a Happy New Year

Post by **Edge100x** » Fri Dec 30, 2005 7:36 pm

Sadly, there are many features we've had to disable in these forums due to abuse in the past