Safe usage of "User management" -> "CP users"

Discussion in 'General' started by Milos Djakonovic, Feb 11, 2021.

  1. Milos Djakonovic

    Milos Djakonovic New Member

    Hello, I'm sorry because I'm most probably asking a question that has been answered somewhere, but searching haven't helped me a lot and "ispconfig_3_1_manual" does not cover this. It is about well know intimidating warning:

    WARNING: Do not edit or modify any user settings here. Use the Client- and Reseller settings in the Client module instead. Modifying or changing users or groups here may cause data loss!​

    I've even come to the related issue (#4980), but nowhere have I found conclusive:

    - what kind of "User management" is safe under the "User management" -> "CP users",
    - is it safe to add other admin user (not client)
    - is it safe to modify other admin user (not client) - to change any of the available options (password, available modules., type, active...)
    - is it safe to modify group membership / default group here
    - Modifying or changing what kind of users or groups may cause of (what kind of) data loss
    - Are the possible damage (data loss) done here contained to what is reversible by restoring mysqldump and /etc dir backup?

    Thanks for any clue in advanced.
     
  2. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    Yes.
    Yes
    Only for admin users, not for client users.
    Normal users that are created when the client was created.
    Yes, but if this is done incorrectly it might break other things (pending jobs for example).

    To summarize, you can add/edit/delete admin users in this tab and change the settings for these users. For client users, always use the client module.
     
  3. Milos Djakonovic

    Milos Djakonovic New Member

    Thank you very much for explanation.
     
  4. nhybgtvfr

    nhybgtvfr Well-Known Member HowtoForge Supporter

    maybe that warning should be modified to read:
    WARNING: Do not edit or modify any client settings here. Use the Client- and Reseller settings in the Client module instead. Modifying or changing client users or groups here may cause data loss!

    and maybe add another sentence along the lines of:
    use this page only to create a new admin user, or to modify an existing admin users settings.
     
  5. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    Good idea, feel free to open a issue in our GitLab with this request :)
     
  6. nhybgtvfr

    nhybgtvfr Well-Known Member HowtoForge Supporter

  7. Milos Djakonovic

    Milos Djakonovic New Member

    thumbs up for wording improvement suggestion.
     
  8. TonyG

    TonyG Active Member

    Rather than offering input controls and a Save button, and suggesting that we not use them, wouldn't it be more elegant to check for `if Type = User then Submit.Enabled = False` ? And then change the message to "Update of Clients and Resellers disabled - Use the Client- and Reseller settings in the Client module instead."
     
  9. nhybgtvfr

    nhybgtvfr Well-Known Member HowtoForge Supporter

    if you set submit.enabled = false if type = user then if, at any point a normal client or reseller was upgraded into an admin account it would then be impossible to demote them back to a normal user account via the interface.
     
  10. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    You should not do such things though. So Tony's idea could be used imo.
     

Share This Page