amidaware / tacticalrmm

A remote monitoring & management tool, built with Django, Vue and Go.
https://docs.tacticalrmm.com
Other
3.27k stars 450 forks source link

URL Actions Permissions / Global Settings Sub-Permissions #1819

Closed ZzBombardierzZ closed 8 months ago

ZzBombardierzZ commented 8 months ago

Is your feature request related to a problem? Please describe. We are working on technician permissions for a new hire coming onboard soon, and I noticed that he won't be able to view URL Actions without being given the "View Global Settings" permission. We use URL Actions currently just to take control of an agent using ScreenConnect. This permission issue is troubling because he would then be able to see our email alert/SMTP settings as well as the SMS Twilio key.

Describe the solution you'd like Breaking down these global setting permissions further for Email, SMS, MeshCentral, key store, url actions, etc.

Describe alternatives you've considered Implementing something like #667 with the ability to set it to a URL action that doesn't care about the 'View Global Settings' permission.

Alternatively, make the "Run URL Actions" permission allow viewing only URL actions if the 'View Global Settings' permission is not checked.

Or any other solution you may think of.

Additional context Add any other context or screenshots about the feature request here.

wh1te909 commented 8 months ago

thanks just pushed a fix for this, was not the intended behavior. you can manually apply the changes in https://github.com/amidaware/tacticalrmm/commit/ee3a7bbbfce8a240cc269fb54176fd869fdd19c1 to the files on your server now and then sudo systemctl restart rmm and test it out, should work

wh1te909 commented 8 months ago

Released in 0.18.2