Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Remove menu items and tabs from Web GUI

    Scheduled Pinned Locked Moved webGUI
    12 Posts 4 Posters 8.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • marcellocM
      marcelloc
      last edited by

      Did you tried to create another user and restrict It's access with permission?

      Treinamentos de Elite: http://sys-squad.com

      Help a community developer! ;D

      1 Reply Last reply Reply Quote 0
      • J
        jamesc
        last edited by

        I've not tried that yet as I was hoping to make the change global and effective for every user.

        1 Reply Last reply Reply Quote 0
        • marcellocM
          marcelloc
          last edited by

          you can apply this restriction to a group and then associate users to this group.

          Treinamentos de Elite: http://sys-squad.com

          Help a community developer! ;D

          1 Reply Last reply Reply Quote 0
          • J
            jamesc
            last edited by

            Just tested that but the restricted items are still displayed on the menu.

            1 Reply Last reply Reply Quote 0
            • marcellocM
              marcelloc
              last edited by

              displayed but not accessible

              Treinamentos de Elite: http://sys-squad.com

              Help a community developer! ;D

              1 Reply Last reply Reply Quote 0
              • jimpJ
                jimp Rebel Alliance Developer Netgate
                last edited by

                I'll just leave this here…
                http://redmine.pfsense.org/issues/773

                Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                Need help fast? Netgate Global Support!

                Do not Chat/PM for help!

                1 Reply Last reply Reply Quote 0
                • J
                  jamesc
                  last edited by

                  I created a restricted user with access to only a few menus and then added that code to line 229 of fbegin.inc

                  When I login as the restricted user, I still see all the menus that I don;t have access to  ???

                  1 Reply Last reply Reply Quote 0
                  • jimpJ
                    jimp Rebel Alliance Developer Netgate
                    last edited by

                    I mainly meant that it's an open feature request so it's a known issue. I'm not sure how proper the fix there there.

                    Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                    Need help fast? Netgate Global Support!

                    Do not Chat/PM for help!

                    1 Reply Last reply Reply Quote 0
                    • J
                      jamesc
                      last edited by

                      Ah ok, thanks Jim  :)

                      1 Reply Last reply Reply Quote 0
                      • M
                        martinjsaunders
                        last edited by

                        @marcelloc:

                        displayed but not accessible

                        Hi,

                        I'm trying to restrict access to page-interfaces: Bridge page and Bridge Edit page for all users including admin. I've tried doing this by editing the XML config for the 'Admins' group as follows:

                        • <system><optimization>normal</optimization>
                            <hostname>pfsense</hostname>
                            <domain>localdomain</domain>
                        • <group><name>admins</name>
                        • <description>-   ]]></description>
                            <scope>system</scope>
                            <gid>1999</gid>
                            <member>0</member>
                            <priv>user-copy-files</priv>
                            <priv>user-ipsec-xauth-dialin</priv>
                            <priv>user-l2tp-dialin</priv>
                            <priv>user-pppoe-dialin</priv>
                            <priv>user-pptp-dialin</priv>
                            <priv>user-shell-access</priv>
                            <priv>user-ssh-tunnel</priv>
                            <priv>page-dashboard-all</priv>
                            <priv>page-dashboard-widgets</priv>
                            <priv>page-diag-system-activity</priv>
                            <priv>page-diagnostics-arptable</priv>
                            <priv>page-diagnostics-authentication</priv>
                            <priv>page-diagnostics-backup/restore</priv>
                            <priv>page-diagnostics-command</priv>
                            <priv>page-diagnostics-configurationhistory</priv>
                            <priv>page-diagnostics-cpuutilization</priv>
                            <priv>page-diagnostics-crash-reporter</priv>
                            <priv>page-diagnostics-edit</priv>
                            <priv>page-diagnostics-factorydefaults</priv>
                            <priv>page-diagnostics-haltsystem</priv>
                            <priv>page-diagnostics-interfacetraffic</priv>
                            <priv>page-diagnostics-logs-dhcp</priv>
                            <priv>page-diagnostics-logs-firewall</priv>
                            <priv>page-diagnostics-logs-pptpvpn</priv>
                            <priv>page-diagnostics-logs-settings</priv>
                            <priv>page-diagnostics-logs-system</priv>
                            <priv>page-diagnostics-nanobsd</priv>
                            <priv>page-diagnostics-packetcapture</priv>
                            <priv>page-diagnostics-patters</priv>
                            <priv>page-diagnostics-ping</priv>
                            <priv>page-diagnostics-rebootsystem</priv>
                            <priv>page-diagnostics-resetstate</priv>
                            <priv>page-diagnostics-restart-httpd</priv>
                            <priv>page-diagnostics-routingtables</priv>
                            <priv>page-diagnostics-showstates</priv>
                            <priv>page-diagnostics-statessummary</priv>
                            <priv>page-diagnostics-tables</priv>
                            <priv>page-diagnostics-traceroute</priv>
                            <priv>page-diagnostics-wirelessstatus</priv>
                            <priv>page-firewall-alias-edit</priv>
                            <priv>page-firewall-alias-import</priv>
                            <priv>page-firewall-aliases</priv>
                            <priv>page-firewall-nat-1-1</priv>
                            <priv>page-firewall-nat-1-1-edit</priv>
                            <priv>page-firewall-nat-outbound</priv>
                            <priv>page-firewall-nat-outbound-edit</priv>
                            <priv>page-firewall-nat-portforward</priv>
                            <priv>page-firewall-nat-portforward-edit</priv>
                            <priv>page-firewall-rules</priv>
                            <priv>page-firewall-rules-edit</priv>
                            <priv>page-firewall-schedules</priv>
                            <priv>page-firewall-schedules-edit</priv>
                            <priv>page-firewall-trafficshaper</priv>
                            <priv>page-firewall-trafficshaper-layer7</priv>
                            <priv>page-firewall-trafficshaper-limiter</priv>
                            <priv>page-firewall-trafficshaper-queues</priv>
                            <priv>page-firewall-trafficshaper-wizard</priv>
                            <priv>page-firewall-virtualipaddress-edit</priv>
                            <priv>page-firewall-virtualipaddresses</priv>
                            <priv>page-getserviceproviders</priv>
                            <priv>page-getstats</priv>
                            <priv>page-hidden-detailedstatus</priv>
                            <priv>page-hidden-execraw</priv>
                            <priv>page-hidden-nolongerincluded</priv>
                            <priv>page-hidden-uploadconfiguration</priv>
                            <priv>page-interfaces</priv>
                            <priv>page-interfaces-assignnetworkports</priv>
                            <priv>page-interfaces-gif</priv>
                            <priv>page-interfaces-gif-edit</priv>
                            <priv>page-interfaces-gre</priv>
                            <priv>page-interfaces-gre-edit</priv>
                            <priv>page-interfaces-groups</priv>
                            <priv>page-interfaces-ppps</priv>
                            <priv>page-interfaces-ppps-edit</priv>
                            <priv>page-interfaces-wireless</priv>
                            <priv>page-interfaces-wireless-edit</priv>
                            <priv>page-interfacess-groups</priv>
                            <priv>page-interfacess-lagg</priv>
                            <priv>page-interfacess-qinq</priv>
                            <priv>page-ipsecxml</priv>
                            <priv>page-loadbalancer-pool</priv>
                            <priv>page-loadbalancer-pool-edit</priv>
                            <priv>page-loadbalancer-virtualserver-edit</priv>
                            <priv>page-openvpn-client</priv>
                            <priv>page-openvpn-csc</priv>
                            <priv>page-openvpn-server</priv>
                            <priv>page-package-edit</priv>
                            <priv>page-package-settings</priv>
                            <priv>page-pfsensewizardsubsystem</priv>
                            <priv>page-pkg-mgr-settings</priv>
                            <priv>page-requiredforjavascript</priv>
                            <priv>page-services-captiveportal</priv>
                            <priv>page-services-captiveportal-allowedhostnames</priv>
                            <priv>page-services-captiveportal-allowedips</priv>
                            <priv>page-services-captiveportal-editallowedhostnames</priv>
                            <priv>page-services-captiveportal-editallowedips</priv>
                            <priv>page-services-captiveportal-editmacaddresses</priv>
                            <priv>page-services-captiveportal-filemanager</priv>
                            <priv>page-services-captiveportal-macaddresses</priv>
                            <priv>page-services-captiveportal-voucher-edit</priv>
                            <priv>page-services-captiveportal-vouchers</priv>
                            <priv>page-services-dnsforwarder</priv>
                            <priv>page-services-dnsforwarder-editdomainoverride</priv>
                            <priv>page-services-dnsforwarder-edithost</priv>
                            <priv>page-services-dynamicdnsclient</priv>
                            <priv>page-services-dynamicdnsclients</priv>
                            <priv>page-services-igmpproxy</priv>
                            <priv>page-services-loadbalancer-monitor</priv>
                            <priv>page-services-loadbalancer-monitor-edit</priv>
                            <priv>page-services-loadbalancer-relay-action</priv>
                            <priv>page-services-loadbalancer-relay-action-edit</priv>
                            <priv>page-services-loadbalancer-relay-protocol</priv>
                            <priv>page-services-loadbalancer-relay-protocol-edit</priv>
                            <priv>page-services-loadbalancer-virtualservers</priv>
                            <priv>page-services-pppoeserver</priv>
                            <priv>page-services-pppoeserver-eidt</priv>
                            <priv>page-services-rfc2136clients</priv>
                            <priv>page-services-snmp</priv>
                            <priv>page-services-wakeonlan</priv>
                            <priv>page-services-wakeonlan-edit</priv>
                            <priv>page-status-captiveportal</priv>
                            <priv>page-status-captiveportal-test</priv>
                            <priv>page-status-captiveportal-voucher-rolls</priv>
                            <priv>page-status-captiveportal-vouchers</priv>
                            <priv>page-status-carp</priv>
                            <priv>page-status-cpuload</priv>
                            <priv>page-status-dhcpleases</priv>
                            <priv>page-status-filterreloadstatus</priv>
                            <priv>page-status-gatewaygroups</priv>
                            <priv>page-status-gateways</priv>
                            <priv>page-status-interfaces</priv>
                            <priv>page-status-ipsec</priv>
                            <priv>page-status-ipsec-sad</priv>
                            <priv>page-status-ipsec-spd</priv>
                            <priv>page-status-loadbalancer-pool</priv>
                            <priv>page-status-loadbalancer-virtualserver</priv>
                            <priv>page-status-openvpn</priv>
                            <priv>page-status-packagelogs</priv>
                            <priv>page-status-rrdgraph-settings</priv>
                            <priv>page-status-rrdgraphs</priv>
                            <priv>page-status-services</priv>
                            <priv>page-status-systemlogs-ipsecvpn</priv>
                            <priv>page-status-systemlogs-loadbalancer</priv>
                            <priv>page-status-systemlogs-openntpd</priv>
                            <priv>page-status-systemlogs-openvpn</priv>
                            <priv>page-status-systemlogs-portalauth</priv>
                            <priv>page-status-systemlogs-ppp</priv>
                            <priv>page-status-trafficgraph</priv>
                            <priv>page-status-trafficshaper-queues</priv>
                            <priv>page-status-upnpstatus</priv>
                            <priv>page-system-advanced-admin</priv>
                            <priv>page-system-advanced-firewall</priv>
                            <priv>page-system-advanced-misc</priv>
                            <priv>page-system-advanced-network</priv>
                            <priv>page-system-advanced-notifications</priv>
                            <priv>page-system-advanced-sysctl</priv>
                            <priv>page-system-authservers</priv>
                            <priv>page-system-camanager</priv>
                            <priv>page-system-certmanager</priv>
                            <priv>page-system-crlmanager</priv>
                            <priv>page-system-firmware-autoupdate</priv>
                            <priv>page-system-firmware-checkforupdate</priv>
                            <priv>page-system-firmware-manualupdate</priv>
                            <priv>page-system-firmware-settings</priv>
                            <priv>page-system-gatewaygroups</priv>
                            <priv>page-system-gateways</priv>
                            <priv>page-system-gateways-editgateway</priv>
                            <priv>page-system-gateways-editgatewaygroups</priv>
                            <priv>page-system-generalsetup</priv>
                            <priv>page-system-groupmanager</priv>
                            <priv>page-system-groupmanager-addprivs</priv>
                            <priv>page-system-license</priv>
                            <priv>page-system-login/logout</priv>
                            <priv>page-system-packagemanager</priv>
                            <priv>page-system-packagemanager-installed</priv>
                            <priv>page-system-packagemanager-installpackage</priv>
                            <priv>page-system-staticroutes</priv>
                            <priv>page-system-staticroutes-editroute</priv>
                            <priv>page-system-usermanager</priv>
                            <priv>page-system-usermanager-addprivs</priv>
                            <priv>page-system-usermanager-passwordmg</priv>
                            <priv>page-system-usermanager-settings</priv>
                            <priv>page-system-usermanager-settings-testldap</priv>
                            <priv>page-upload_progress</priv>
                            <priv>page-vpn-ipsec</priv>
                            <priv>page-vpn-ipsec-editkeys</priv>
                            <priv>page-vpn-ipsec-editphase1</priv>
                            <priv>page-vpn-ipsec-editphase2</priv>
                            <priv>page-vpn-ipsec-listkeys</priv>
                            <priv>page-vpn-ipsec-mobile</priv>
                            <priv>page-vpn-vpnl2tp</priv>
                            <priv>page-vpn-vpnl2tp-users</priv>
                            <priv>page-vpn-vpnl2tp-users-edit</priv>
                            <priv>page-vpn-vpnpptp</priv>
                            <priv>page-vpn-vpnpptp-user-edit</priv>
                            <priv>page-vpn-vpnpptp-users</priv>
                            <priv>page-xmlrpcinterfacestats</priv>
                            <priv>page-xmlrpclibrary</priv></group>

                        When I reload the config the group seems to correctly reflect the new privaleges above, missing the Bridge pages (plus a few others I removed), but the pages are still accessable and I can still Bridge interfaces. Have I done something silly?

                        Thanks very much in advance!

                        M.</system>

                        1 Reply Last reply Reply Quote 0
                        • M
                          martinjsaunders
                          last edited by

                          @martinjsaunders:

                          When I reload the config the group seems to correctly reflect the new privaleges above, missing the Bridge pages (plus a few others I removed), but the pages are still accessable and I can still Bridge interfaces. Have I done something silly?

                          Thanks very much in advance!

                          M.

                          To answer my own question, if I add a new users in the group Admins it inherits the correct permissions. This is fine but I'd rather disable admin for Bridging as well, is the admin user inheriting it's permissions from somwhere else as well?

                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post
                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.