search

Automattic / wp-calypso

The JavaScript and API powered WordPress.com
https://developer.wordpress.com
GNU General Public License v2.0
12.38k stars 1.98k forks source link

SFTP: User-level SFTP access + access controls #55812

Open inaikem opened 2 years ago

inaikem commented 2 years ago

What

Create SFTP credentials on a user-level, not a site level

Why

Site owners may need to provide 3rd parties with SFTP access to their site. We currently provide this in the form of a single username/password for the entire site.

For larger sites with multiple users potentially needing access, having a single set of credentials is not ideal and adds management overhead that can be avoided.

How

  1. Provide user-specific SFTP credentials at https://wordpress.com/hosting-config/domain.blog.
  2. Add an option for site owners to reset user SFTP credentials in Calypso at https://wordpress.com/people/edit/domain.blog/usernamehere.

Optionally, we could also provide some basic folder restrictions by allowing site owners to set specific areas users have SFTP access to.

This could be done via checkboxe(s). A very rough example:

Allow SFTP access to only the following folders:

[     ] /wp-content/plugins [✔️] /wp-content/themes [✔️] /wp-content/uploads

No boxes checked = unlimited access. One, some or all boxes checked = access to only those folders.

The above would be useful for site owners who only wish to give certain users access to certain areas. For example, a theme developer troubleshooting a theme.

inaikem commented 2 years ago

Related request brought up in 4256564-zen.

jordesign commented 2 years ago

+1 from a user in this interaction: 35493529-hc

They'd like multiple SFTP users so they can set up Bitbucket/Github deployment flows.