-
Notifications
You must be signed in to change notification settings - Fork 65
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
group and access control is very weird #239
Comments
hey @support-tt Access control is bound to user machines (NetBird agents that run on the machines to be precise). What we plan is simple - we will only display the machines that the user owns in the /peers tab. Additionally, we will show the names and IPs of those peers that the user's machines can connect to in the detailed view of every user machine machine. Does this make sense? What is your ideal access control? Let me know Bets, |
hey @braginini thanks for the fast response. Yes I think I get it now. It would be great if a admin could remove a user from a machine. So managing who owns which client in the ui would be great. I know I can change this in the store.json but thats not very comfortable and i already crashed my config twice by doing something wrong. (got a backup so was not a big problem) |
@support-tt |
@braginini thanks you for your input and fast response. |
Hello,
i tested the netbird management UI with 3 users.
when I login as user I see all peers, that my registered peer can see.
So the admin can only limit my access by limiting the peer I registered. When a user never registered a peer the access cant be controlled and when a user has registered like 10 peers then he can see everything that the peers can see. The admin cant remove access to the peers that the user registered.
So in my opinion there is no clear access control or did I miss something ?
The text was updated successfully, but these errors were encountered: