Re: [PacketFence-users] Admin Roles - Allowed Node Roles

2016-12-07 Thread Tim DeNike 
Anyone?

On Mon, Dec 5, 2016 at 11:15 AM, Tim DeNike  wrote:

> PF 6.3.  I set an Admin role for helpdesk users and give them access to a
> limited # of the roles in our system.  Just the roles they would need to do
> their job.  This works in Node view by doing a bulk register, but if they
> click on the node and want to change the role/register a device, it shows
> as readonly unless the device is currently registered and has a role that
> they have access to, not if the device is unregistered and has no role.
> The goal is to allow them to assign devices to the commonly used roles
> around campus, but deny them access to roles that are used dynamically (IE:
>  802.1x), or that they just plain don't need.
>
> I *think* we just need to allow them access to a "NULL" role to be able to
> do this.. I just can't find the best place to hack it together.
>
> Thoughts?
>
--
Developer Access Program for Intel Xeon Phi Processors
Access to Intel Xeon Phi processor-based developer platforms.
With one year of Intel Parallel Studio XE.
Training and support from Colfax.
Order your platform today.http://sdm.link/xeonphi___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] Admin Roles - Allowed Node Roles

2016-12-05 Thread Tim DeNike 
PF 6.3.  I set an Admin role for helpdesk users and give them access to a
limited # of the roles in our system.  Just the roles they would need to do
their job.  This works in Node view by doing a bulk register, but if they
click on the node and want to change the role/register a device, it shows
as readonly unless the device is currently registered and has a role that
they have access to, not if the device is unregistered and has no role.
The goal is to allow them to assign devices to the commonly used roles
around campus, but deny them access to roles that are used dynamically (IE:
 802.1x), or that they just plain don't need.

I *think* we just need to allow them access to a "NULL" role to be able to
do this.. I just can't find the best place to hack it together.

Thoughts?
--
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users