summaryrefslogtreecommitdiffstats
path: root/src/etc/inc/priv/user.priv.inc
diff options
context:
space:
mode:
Diffstat (limited to 'src/etc/inc/priv/user.priv.inc')
-rw-r--r--src/etc/inc/priv/user.priv.inc74
1 files changed, 74 insertions, 0 deletions
diff --git a/src/etc/inc/priv/user.priv.inc b/src/etc/inc/priv/user.priv.inc
new file mode 100644
index 0000000..6414008
--- /dev/null
+++ b/src/etc/inc/priv/user.priv.inc
@@ -0,0 +1,74 @@
+<?php
+
+global $priv_list;
+
+$priv_list['user-services-captiveportal-login'] = array();
+$priv_list['user-services-captiveportal-login']['name'] = gettext("User - Services - Captive portal login");
+$priv_list['user-services-captiveportal-login']['descr'] = gettext("Indicates whether the user is able to login on the captive portal.");
+
+$priv_list['page-help-all'] = array();
+$priv_list['page-help-all']['name'] = "WebCfg - Help pages";
+$priv_list['page-help-all']['descr'] = "Show all items on help menu";
+$priv_list['page-help-all']['match'] = array();
+$priv_list['page-help-all']['match'][] = "*help.php";
+
+$priv_list['page-dashboard-all'] = array();
+$priv_list['page-dashboard-all']['name'] = "WebCfg - Dashboard (all)";
+$priv_list['page-dashboard-all']['descr'] = "Allow access to all pages required for the dashboard.";
+$priv_list['page-dashboard-all']['match'] = array();
+$priv_list['page-dashboard-all']['match'][] = "index.php*";
+$priv_list['page-dashboard-all']['match'][] = "*.widget.php*";
+$priv_list['page-dashboard-all']['match'][] = "graph.php*";
+$priv_list['page-dashboard-all']['match'][] = "graph_cpu.php*";
+$priv_list['page-dashboard-all']['match'][] = "getstats.php*";
+$priv_list['page-dashboard-all']['match'][] = "ifstats.php*";
+$priv_list['page-dashboard-all']['match'][] = "diag_logs_filter_dynamic.php*";
+
+$priv_list['page-dashboard-widgets'] = array();
+$priv_list['page-dashboard-widgets']['name'] = "WebCfg - Dashboard widgets (direct access).";
+$priv_list['page-dashboard-widgets']['descr'] = "Allow direct access to all Dashboard widget pages, required for some widgets using AJAX.";
+$priv_list['page-dashboard-widgets']['match'] = array();
+$priv_list['page-dashboard-widgets']['match'][] = "*.widget.php*";
+
+$priv_list['user-config-readonly'] = array();
+$priv_list['user-config-readonly']['name'] = "User - Config - Deny Config Write";
+$priv_list['user-config-readonly']['descr'] = "If present, ignores requests from this user to write config.xml.";
+
+$priv_list['user-shell-access'] = array();
+$priv_list['user-shell-access']['name'] = "User - System - Shell account access";
+$priv_list['user-shell-access']['descr'] = "Indicates whether the user is able to login for ".
+ "example via SSH.";
+
+$priv_list['user-copy-files'] = array();
+$priv_list['user-copy-files']['name'] = "User - System - Copy files";
+$priv_list['user-copy-files']['descr'] = "Indicates whether the user is allowed to copy files ".
+ "onto the {$g['product_name']} appliance via SCP/SFTP. ".
+ "If you are going to use this privilege, you must install ".
+ "scponly on the appliance (Hint: pkg_add -r scponly).";
+
+$priv_list['user-ssh-tunnel'] = array();
+$priv_list['user-ssh-tunnel']['name'] = "User - System - SSH tunneling";
+$priv_list['user-ssh-tunnel']['descr'] = "Indicates whether the user is able to login for ".
+ "tunneling via SSH when they have no shell access. ".
+ "Note: User - System - Copy files conflicts with ".
+ "this privilege.";
+
+$priv_list['user-ipsec-xauth-dialin'] = array();
+$priv_list['user-ipsec-xauth-dialin']['name'] = "User - VPN - IPsec xauth Dialin";
+$priv_list['user-ipsec-xauth-dialin']['descr'] = "Indicates whether the user is allowed to dial in via IPsec xauth ".
+ "(Note: Does not allow shell access, but may allow ".
+ "the user to create SSH tunnels)";
+
+$priv_list['user-l2tp-dialin'] = array();
+$priv_list['user-l2tp-dialin']['name'] = "User - VPN - L2TP Dialin";
+$priv_list['user-l2tp-dialin']['descr'] = "Indicates whether the user is allowed to dial in via L2TP";
+
+$priv_list['user-pptp-dialin'] = array();
+$priv_list['user-pptp-dialin']['name'] = "User - VPN - PPTP Dialin";
+$priv_list['user-pptp-dialin']['descr'] = "Indicates whether the user is allowed to dial in via PPTP";
+
+$priv_list['user-pppoe-dialin'] = array();
+$priv_list['user-pppoe-dialin']['name'] = "User - VPN - PPPOE Dialin";
+$priv_list['user-pppoe-dialin']['descr'] = "Indicates whether the user is allowed to dial in via PPPOE";
+
+?>
OpenPOWER on IntegriCloud