search

Ylianst / MeshCentral

A complete web-based remote monitoring and management web site. Once setup you can install agents and perform remote desktop session to devices on the local network or over the Internet.
https://meshcentral.com
Apache License 2.0
4.08k stars 549 forks source link

hide admin My Events with permissions #6136

Open ramphex opened 4 months ago

ramphex commented 4 months ago

Is your feature request related to a problem? Please describe. A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]

Other users, non-server admins, able to see what I do in their My Events section.

Describe the solution you'd like A clear and concise description of what you want to happen.

Add user permissions of how much information they can see in the log/events section based on their role or permission flag.

si458 commented 4 months ago

this is already partly possible.

  1. create a user
  2. add mesh group or comps to user
  3. when selecting permissions, select 'Show only own events'

then the user will only see there events for those meshgroups/devices

the user will still see the ADMIN events if the ADMIN for example changes the users permissions or adds devices/gives permissions to that user

but the user wont see for example, user1 connects to comp1, only there user2 connects to comp1

ramphex commented 4 months ago

this is already partly possible.

  1. create a user
  2. add mesh group or comps to user
  3. when selecting permissions, select 'Show only own events'

then the user will only see there events for those meshgroups/devices

the user will still see the ADMIN events if the ADMIN for example changes the users permissions or adds devices/gives permissions to that user

but the user wont see for example, user1 connects to comp1, only there user connects to comp1

That's exactly what I would like to have an option to turn off. I would like a permission flag to have the user see no events, just their own events, group they manage events, or admin level all events.

si458 commented 4 months ago

sadly, thats a little tricky because of the way the logs are done/assigned in the database.

you need to see the admin logs because otherwise an admin user could for example change ur password/email and then you wouldnt know if you didnt see those admin events!

but will leave this open for future development

SrLimaDev commented 4 months ago

this is already partly possible.

1. create a user

2. add mesh group or comps to user

3. when selecting permissions, select 'Show only own events'

then the user will only see there events for those meshgroups/devices

the user will still see the ADMIN events if the ADMIN for example changes the users permissions or adds devices/gives permissions to that user

but the user wont see for example, user1 connects to comp1, only there user2 connects to comp1

How to?

si458 commented 4 months ago

@SrLimaDev as explained in my steps

  1. Create a user
  2. Select user, then click add meshgroup or add devices,
  3. Select group or devices
  4. Tick box saying 'show only own events'
vitko-bg commented 2 months ago

Looks like it is the same issues I posted - #4547. Completely agree it is not working as it should.

si458 commented 2 months ago

ok what i will look at doing is adding an option in config.json under domains, if value set to true, then ignore admin events if you have show only own events ticked, this way it wont break existing setups