Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Remove menu items and tabs from Web GUI

    Scheduled Pinned Locked Moved webGUI
    12 Posts 4 Posters 8.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jamesc
      last edited by

      Hi all,

      Is there an easy way I can remove/hide menu items and particular tabs from the Web GUI?

      I have searched but was unable to unearth anything useful.

      Thanks

      James.

      1 Reply Last reply Reply Quote 0
      • marcellocM
        marcelloc
        last edited by

        Did you tried to create another user and restrict It's access with permission?

        Treinamentos de Elite: http://sys-squad.com

        Help a community developer! ;D

        1 Reply Last reply Reply Quote 0
        • J
          jamesc
          last edited by

          I've not tried that yet as I was hoping to make the change global and effective for every user.

          1 Reply Last reply Reply Quote 0
          • marcellocM
            marcelloc
            last edited by

            you can apply this restriction to a group and then associate users to this group.

            Treinamentos de Elite: http://sys-squad.com

            Help a community developer! ;D

            1 Reply Last reply Reply Quote 0
            • J
              jamesc
              last edited by

              Just tested that but the restricted items are still displayed on the menu.

              1 Reply Last reply Reply Quote 0
              • marcellocM
                marcelloc
                last edited by

                displayed but not accessible

                Treinamentos de Elite: http://sys-squad.com

                Help a community developer! ;D

                1 Reply Last reply Reply Quote 0
                • jimpJ
                  jimp Rebel Alliance Developer Netgate
                  last edited by

                  I'll just leave this here…
                  http://redmine.pfsense.org/issues/773

                  Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                  Need help fast? Netgate Global Support!

                  Do not Chat/PM for help!

                  1 Reply Last reply Reply Quote 0
                  • J
                    jamesc
                    last edited by

                    I created a restricted user with access to only a few menus and then added that code to line 229 of fbegin.inc

                    When I login as the restricted user, I still see all the menus that I don;t have access to  ???

                    1 Reply Last reply Reply Quote 0
                    • jimpJ
                      jimp Rebel Alliance Developer Netgate
                      last edited by

                      I mainly meant that it's an open feature request so it's a known issue. I'm not sure how proper the fix there there.

                      Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                      Need help fast? Netgate Global Support!

                      Do not Chat/PM for help!

                      1 Reply Last reply Reply Quote 0
                      • J
                        jamesc
                        last edited by

                        Ah ok, thanks Jim  :)

                        1 Reply Last reply Reply Quote 0
                        • M
                          martinjsaunders
                          last edited by

                          @marcelloc:

                          displayed but not accessible

                          Hi,

                          I'm trying to restrict access to page-interfaces: Bridge page and Bridge Edit page for all users including admin. I've tried doing this by editing the XML config for the 'Admins' group as follows:

                          • <system><optimization>normal</optimization>
                              <hostname>pfsense</hostname>
                              <domain>localdomain</domain>
                          • <group><name>admins</name>
                          • <description>-   ]]></description>
                              <scope>system</scope>
                              <gid>1999</gid>
                              <member>0</member>
                              <priv>user-copy-files</priv>
                              <priv>user-ipsec-xauth-dialin</priv>
                              <priv>user-l2tp-dialin</priv>
                              <priv>user-pppoe-dialin</priv>
                              <priv>user-pptp-dialin</priv>
                              <priv>user-shell-access</priv>
                              <priv>user-ssh-tunnel</priv>
                              <priv>page-dashboard-all</priv>
                              <priv>page-dashboard-widgets</priv>
                              <priv>page-diag-system-activity</priv>
                              <priv>page-diagnostics-arptable</priv>
                              <priv>page-diagnostics-authentication</priv>
                              <priv>page-diagnostics-backup/restore</priv>
                              <priv>page-diagnostics-command</priv>
                              <priv>page-diagnostics-configurationhistory</priv>
                              <priv>page-diagnostics-cpuutilization</priv>
                              <priv>page-diagnostics-crash-reporter</priv>
                              <priv>page-diagnostics-edit</priv>
                              <priv>page-diagnostics-factorydefaults</priv>
                              <priv>page-diagnostics-haltsystem</priv>
                              <priv>page-diagnostics-interfacetraffic</priv>
                              <priv>page-diagnostics-logs-dhcp</priv>
                              <priv>page-diagnostics-logs-firewall</priv>
                              <priv>page-diagnostics-logs-pptpvpn</priv>
                              <priv>page-diagnostics-logs-settings</priv>
                              <priv>page-diagnostics-logs-system</priv>
                              <priv>page-diagnostics-nanobsd</priv>
                              <priv>page-diagnostics-packetcapture</priv>
                              <priv>page-diagnostics-patters</priv>
                              <priv>page-diagnostics-ping</priv>
                              <priv>page-diagnostics-rebootsystem</priv>
                              <priv>page-diagnostics-resetstate</priv>
                              <priv>page-diagnostics-restart-httpd</priv>
                              <priv>page-diagnostics-routingtables</priv>
                              <priv>page-diagnostics-showstates</priv>
                              <priv>page-diagnostics-statessummary</priv>
                              <priv>page-diagnostics-tables</priv>
                              <priv>page-diagnostics-traceroute</priv>
                              <priv>page-diagnostics-wirelessstatus</priv>
                              <priv>page-firewall-alias-edit</priv>
                              <priv>page-firewall-alias-import</priv>
                              <priv>page-firewall-aliases</priv>
                              <priv>page-firewall-nat-1-1</priv>
                              <priv>page-firewall-nat-1-1-edit</priv>
                              <priv>page-firewall-nat-outbound</priv>
                              <priv>page-firewall-nat-outbound-edit</priv>
                              <priv>page-firewall-nat-portforward</priv>
                              <priv>page-firewall-nat-portforward-edit</priv>
                              <priv>page-firewall-rules</priv>
                              <priv>page-firewall-rules-edit</priv>
                              <priv>page-firewall-schedules</priv>
                              <priv>page-firewall-schedules-edit</priv>
                              <priv>page-firewall-trafficshaper</priv>
                              <priv>page-firewall-trafficshaper-layer7</priv>
                              <priv>page-firewall-trafficshaper-limiter</priv>
                              <priv>page-firewall-trafficshaper-queues</priv>
                              <priv>page-firewall-trafficshaper-wizard</priv>
                              <priv>page-firewall-virtualipaddress-edit</priv>
                              <priv>page-firewall-virtualipaddresses</priv>
                              <priv>page-getserviceproviders</priv>
                              <priv>page-getstats</priv>
                              <priv>page-hidden-detailedstatus</priv>
                              <priv>page-hidden-execraw</priv>
                              <priv>page-hidden-nolongerincluded</priv>
                              <priv>page-hidden-uploadconfiguration</priv>
                              <priv>page-interfaces</priv>
                              <priv>page-interfaces-assignnetworkports</priv>
                              <priv>page-interfaces-gif</priv>
                              <priv>page-interfaces-gif-edit</priv>
                              <priv>page-interfaces-gre</priv>
                              <priv>page-interfaces-gre-edit</priv>
                              <priv>page-interfaces-groups</priv>
                              <priv>page-interfaces-ppps</priv>
                              <priv>page-interfaces-ppps-edit</priv>
                              <priv>page-interfaces-wireless</priv>
                              <priv>page-interfaces-wireless-edit</priv>
                              <priv>page-interfacess-groups</priv>
                              <priv>page-interfacess-lagg</priv>
                              <priv>page-interfacess-qinq</priv>
                              <priv>page-ipsecxml</priv>
                              <priv>page-loadbalancer-pool</priv>
                              <priv>page-loadbalancer-pool-edit</priv>
                              <priv>page-loadbalancer-virtualserver-edit</priv>
                              <priv>page-openvpn-client</priv>
                              <priv>page-openvpn-csc</priv>
                              <priv>page-openvpn-server</priv>
                              <priv>page-package-edit</priv>
                              <priv>page-package-settings</priv>
                              <priv>page-pfsensewizardsubsystem</priv>
                              <priv>page-pkg-mgr-settings</priv>
                              <priv>page-requiredforjavascript</priv>
                              <priv>page-services-captiveportal</priv>
                              <priv>page-services-captiveportal-allowedhostnames</priv>
                              <priv>page-services-captiveportal-allowedips</priv>
                              <priv>page-services-captiveportal-editallowedhostnames</priv>
                              <priv>page-services-captiveportal-editallowedips</priv>
                              <priv>page-services-captiveportal-editmacaddresses</priv>
                              <priv>page-services-captiveportal-filemanager</priv>
                              <priv>page-services-captiveportal-macaddresses</priv>
                              <priv>page-services-captiveportal-voucher-edit</priv>
                              <priv>page-services-captiveportal-vouchers</priv>
                              <priv>page-services-dnsforwarder</priv>
                              <priv>page-services-dnsforwarder-editdomainoverride</priv>
                              <priv>page-services-dnsforwarder-edithost</priv>
                              <priv>page-services-dynamicdnsclient</priv>
                              <priv>page-services-dynamicdnsclients</priv>
                              <priv>page-services-igmpproxy</priv>
                              <priv>page-services-loadbalancer-monitor</priv>
                              <priv>page-services-loadbalancer-monitor-edit</priv>
                              <priv>page-services-loadbalancer-relay-action</priv>
                              <priv>page-services-loadbalancer-relay-action-edit</priv>
                              <priv>page-services-loadbalancer-relay-protocol</priv>
                              <priv>page-services-loadbalancer-relay-protocol-edit</priv>
                              <priv>page-services-loadbalancer-virtualservers</priv>
                              <priv>page-services-pppoeserver</priv>
                              <priv>page-services-pppoeserver-eidt</priv>
                              <priv>page-services-rfc2136clients</priv>
                              <priv>page-services-snmp</priv>
                              <priv>page-services-wakeonlan</priv>
                              <priv>page-services-wakeonlan-edit</priv>
                              <priv>page-status-captiveportal</priv>
                              <priv>page-status-captiveportal-test</priv>
                              <priv>page-status-captiveportal-voucher-rolls</priv>
                              <priv>page-status-captiveportal-vouchers</priv>
                              <priv>page-status-carp</priv>
                              <priv>page-status-cpuload</priv>
                              <priv>page-status-dhcpleases</priv>
                              <priv>page-status-filterreloadstatus</priv>
                              <priv>page-status-gatewaygroups</priv>
                              <priv>page-status-gateways</priv>
                              <priv>page-status-interfaces</priv>
                              <priv>page-status-ipsec</priv>
                              <priv>page-status-ipsec-sad</priv>
                              <priv>page-status-ipsec-spd</priv>
                              <priv>page-status-loadbalancer-pool</priv>
                              <priv>page-status-loadbalancer-virtualserver</priv>
                              <priv>page-status-openvpn</priv>
                              <priv>page-status-packagelogs</priv>
                              <priv>page-status-rrdgraph-settings</priv>
                              <priv>page-status-rrdgraphs</priv>
                              <priv>page-status-services</priv>
                              <priv>page-status-systemlogs-ipsecvpn</priv>
                              <priv>page-status-systemlogs-loadbalancer</priv>
                              <priv>page-status-systemlogs-openntpd</priv>
                              <priv>page-status-systemlogs-openvpn</priv>
                              <priv>page-status-systemlogs-portalauth</priv>
                              <priv>page-status-systemlogs-ppp</priv>
                              <priv>page-status-trafficgraph</priv>
                              <priv>page-status-trafficshaper-queues</priv>
                              <priv>page-status-upnpstatus</priv>
                              <priv>page-system-advanced-admin</priv>
                              <priv>page-system-advanced-firewall</priv>
                              <priv>page-system-advanced-misc</priv>
                              <priv>page-system-advanced-network</priv>
                              <priv>page-system-advanced-notifications</priv>
                              <priv>page-system-advanced-sysctl</priv>
                              <priv>page-system-authservers</priv>
                              <priv>page-system-camanager</priv>
                              <priv>page-system-certmanager</priv>
                              <priv>page-system-crlmanager</priv>
                              <priv>page-system-firmware-autoupdate</priv>
                              <priv>page-system-firmware-checkforupdate</priv>
                              <priv>page-system-firmware-manualupdate</priv>
                              <priv>page-system-firmware-settings</priv>
                              <priv>page-system-gatewaygroups</priv>
                              <priv>page-system-gateways</priv>
                              <priv>page-system-gateways-editgateway</priv>
                              <priv>page-system-gateways-editgatewaygroups</priv>
                              <priv>page-system-generalsetup</priv>
                              <priv>page-system-groupmanager</priv>
                              <priv>page-system-groupmanager-addprivs</priv>
                              <priv>page-system-license</priv>
                              <priv>page-system-login/logout</priv>
                              <priv>page-system-packagemanager</priv>
                              <priv>page-system-packagemanager-installed</priv>
                              <priv>page-system-packagemanager-installpackage</priv>
                              <priv>page-system-staticroutes</priv>
                              <priv>page-system-staticroutes-editroute</priv>
                              <priv>page-system-usermanager</priv>
                              <priv>page-system-usermanager-addprivs</priv>
                              <priv>page-system-usermanager-passwordmg</priv>
                              <priv>page-system-usermanager-settings</priv>
                              <priv>page-system-usermanager-settings-testldap</priv>
                              <priv>page-upload_progress</priv>
                              <priv>page-vpn-ipsec</priv>
                              <priv>page-vpn-ipsec-editkeys</priv>
                              <priv>page-vpn-ipsec-editphase1</priv>
                              <priv>page-vpn-ipsec-editphase2</priv>
                              <priv>page-vpn-ipsec-listkeys</priv>
                              <priv>page-vpn-ipsec-mobile</priv>
                              <priv>page-vpn-vpnl2tp</priv>
                              <priv>page-vpn-vpnl2tp-users</priv>
                              <priv>page-vpn-vpnl2tp-users-edit</priv>
                              <priv>page-vpn-vpnpptp</priv>
                              <priv>page-vpn-vpnpptp-user-edit</priv>
                              <priv>page-vpn-vpnpptp-users</priv>
                              <priv>page-xmlrpcinterfacestats</priv>
                              <priv>page-xmlrpclibrary</priv></group>

                          When I reload the config the group seems to correctly reflect the new privaleges above, missing the Bridge pages (plus a few others I removed), but the pages are still accessable and I can still Bridge interfaces. Have I done something silly?

                          Thanks very much in advance!

                          M.</system>

                          1 Reply Last reply Reply Quote 0
                          • M
                            martinjsaunders
                            last edited by

                            @martinjsaunders:

                            When I reload the config the group seems to correctly reflect the new privaleges above, missing the Bridge pages (plus a few others I removed), but the pages are still accessable and I can still Bridge interfaces. Have I done something silly?

                            Thanks very much in advance!

                            M.

                            To answer my own question, if I add a new users in the group Admins it inherits the correct permissions. This is fine but I'd rather disable admin for Bridging as well, is the admin user inheriting it's permissions from somwhere else as well?

                            1 Reply Last reply Reply Quote 0
                            • First post
                              Last post
                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.