Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Restricted user logging into webui does NOT defautl to dahsboard

    Scheduled Pinned Locked Moved webGUI
    2 Posts 1 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      snm777
      last edited by

      EDIT: This has been found by, and described much better by, someone else, and is described in this thread:
      https://forum.pfsense.org/index.php?topic=70776.0
      basically, whatever right you assign last to a user through a group, that will be their start page.

      I need some help here - I have a user that is not allowed access to all secitons of the UI, but the ARE allowed access to the dashboard and widgets:
      WebCfg - Dashboard (all)
      WebCfg - Dashboard widgets (direct access)

      When this user logs in, under 2.1.4 they were taken to the Diagnostics: System Activity page, and I was troubleshooting that when 2.1.5 was released last week. 
      I rebuilt the firewall in 2.1.5 (form the image, I did NOT update the 2.1.4 instance), installed all packages I wanted, and restored a backup from 2.1.4.  Packages re-installed fine after that and everything is working, but now when the restricted user logs in, they are taken to Status: Sarg Reports.

      How do I force it so that when a user logs in, they are always taken to the dashboard?  When I login as admin, I am always taken to the dashboard, that's what I want for any other local users I create…perhaps I'm missing a permission?

      Below I've attached all the permissions granted to the restricted user:

      WebCfg - Diagnostics: System Activity Allows access to the 'Diagnostics: System Activity' page
      WebCfg - Diagnostics: Authentication page Allow access to the 'Diagnostics: Authentication' page.
      WebCfg - Diagnostics: CPU Utilization page Allow access to the 'Diagnostics: CPU Utilization' page.
      WebCfg - Diagnostics: Interface Traffic page Allow access to the 'Diagnostics: Interface Traffic' page.
      Diagnostics: Limiter Info Allows access to the 'Diagnostics: Limiter Info' page
      WebCfg - Diagnostics: Logs: Firewall page Allow access to the 'Diagnostics: Logs: Firewall' page.
      WebCfg - Diagnostics: Logs: Gateways page Allow access to the 'Diagnostics: Logs: System: Gateways' page.
      WebCfg - Diagnostics: Logs: VPN page Allow access to the 'Diagnostics: Logs: VPN' page.
      WebCfg - Diagnostics: Logs: Resolver page Allow access to the 'Diagnostics: Logs: System: Resolver' page.
      WebCfg - Diagnostics: Logs: Settings page Allow access to the 'Diagnostics: Logs: Settings' page.
      WebCfg - Diagnostics: Ping page Allow access to the 'Diagnostics: Ping' page.
      WebCfg - Diagnostics: Routing tables page Allow access to the 'Diagnostics: Routing tables' page.
      WebCfg - Diagnostics: Traceroute page Allow access to the 'Diagnostics: Traceroute' page.
      WebCfg - Firewall: Aliases page Allow access to the 'Firewall: Aliases' page.
      WebCfg - Firewall: NAT: 1:1 page Allow access to the 'Firewall: NAT: 1:1' page.
      Webcfg - Firewall: NAT: NPT page Allow access to the 'Firewall: NAT: NPT' page.
      WebCfg - Firewall: NAT: Outbound page Allow access to the 'Firewall: NAT: Outbound' page.
      WebCfg - Firewall: NAT: Port Forward page Allow access to the 'Firewall: NAT: Port Forward' page.
      WebCfg - Firewall: Rules page Allow access to the 'Firewall: Rules' page.
      WebCfg - Firewall: Virtual IP Addresses page Allow access to the 'Firewall: Virtual IP Addresses' page.
      WebCfg - Help pages Show all items on help menu
      WebCfg - OpenVPN: Client page Allow access to the 'OpenVPN: Client' page.
      WebCfg - OpenVPN: Client Specific Override page Allow access to the 'OpenVPN: Client Specific Override' page.
      WebCfg - OpenVPN: Server page Allow access to the 'OpenVPN: Server' page.
      WebCfg - Status: CPU load page Allow access to the 'Status: CPU load' page.
      WebCfg - Dashboard widgets (direct access). Allow direct access to all Dashboard widget pages, required for some widgets using AJAX.
      WebCfg - Status: Interfaces page Allow access to the 'Status: Interfaces' page.
      WebCfg - Status: IPsec page Allow access to the 'Status: IPsec' page.
      WebCfg - Status: OpenVPN page Allow access to the 'Status: OpenVPN' page.
      WebCfg - Status: RRD Graphs settings page Allow access to the 'Status: RRD Graphs: settings' page.
      WebCfg - Status: RRD Graphs page Allow access to the 'Status: RRD Graphs' page.
      WebCfg - Status: Traffic Graph page Allow access to the 'Status: Traffic Graph' page.
      WebCfg - Dashboard (all) Allow access to all pages required for the dashboard.
      WebCfg - Status: Sarg reports Allow access to sarg reports page. delete
      WebCfg - OpenVPN: Client Export Utility Allow access to the OpenVPN: Client Export Utility page.

      Any help would be greatly appreciated, thanks!

      UPDATE: I just found this in the log file:
      php: /index.php: client_admin@74.204.0.4 attempted to access /index.php but does not have access to that page. Redirecting to diag_system_activity.php.
      So, apparently none of the rights granted to the client_admin user give it the rights to view index.php? Not entirely certain what to make of this.

      1 Reply Last reply Reply Quote 0
      • S
        snm777
        last edited by

        One additional piece of information - I just deleted and re-created the account, and now the user defaults to the Diagnostics: System Activity page again…. not sure how this works, obviously :)

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.