I think it is disappointing that a categorisation of Astaro users is not allowed so that we can allow a non Astaro administrator general access to the Mail Manager portal. We have an auditor category, so presumably it would not have been difficult to extend this to a similar category.
we are currently working on extending the RoleBased administration to additional roles. But there are many different possible roles wanted. Some want a Mail Admin, others a Web Administrator, third a VPN admin, we also have requests for a dedicated mail manager role, other want certan admins to only extend exceptions but not change it, ....
And so on.
Therefore it is not quite simple to find a way to cover it all, we are searching for ways to cover most of the requests.
we are developping an ISP/ASP complete web application for which we are managing roles for any type of feature, here is what we are doing:
- each page/functionality is identified by a role type/id which is uniq... - for each role we can set privilege (view, modification, admin) - and we create several default roles to which a user can be assigned - we are of course able to add custom roles
this is really easy to handle you only need to add a function at top of perl script to check the user privileges against the role type/id of the page to process, if he can only view, modify or admin things... and pages to manage roles/privileges for users... with such a thing everybody is happy... you can add a vpn admin which is able to manage only vpn stuff, email admins, ... or just some view only accounts..
we are developping an ISP/ASP complete web application for which we are managing roles for any type of feature, here is what we are doing:
- each page/functionality is identified by a role type/id which is uniq... - for each role we can set privilege (view, modification, admin) - and we create several default roles to which a user can be assigned - we are of course able to add custom roles
this is really easy to handle you only need to add a function at top of perl script to check the user privileges against the role type/id of the page to process, if he can only view, modify or admin things... and pages to manage roles/privileges for users... with such a thing everybody is happy... you can add a vpn admin which is able to manage only vpn stuff, email admins, ... or just some view only accounts..
