CMD_LOGIN_KEYS: read-only option for Users (SKINS)

Version 1.62.9

Feature
Finished

If a login key is created with the login-as function, eg: $user = "admin|fred"; //fred is a User the Reseller/Admin would be shown an option to make the key read-only for the Users. Any login-as account doing work can still delete the key. This will prevent Users from modifying/deleting keys that they shouldn't have access to. ========= Usage: For any call, when using a higher-power, like "Login-As" or CLI URL creation, pass: client_read_only=yes which sets this in the key.conf, preventing Users from deleting or modifying it with their direct login. A Reseller/Admin with Login-As can still delete/modify. ========= SKINS data/skins/enhanced/user/create_login_key.html data/skins/enhanced/user/modify_login_key.html Just above the "current password" line: |*if USERNAME!=LOGIN_AS_MASTER_NAME| <tr><td class=list2>|LANG_READ_ONLY|:</td> <td class=list2 colspan=2><input type=checkbox name=client_read_only value="yes" |CLIENT_READ_ONLY_CHECKED|> |LANG_READ_ONLY_INFO| </td> </tr> |*endif| ========= JSON The call to: CMD_LOGIN_KEYS?json=yes will now include an 8th row: client_read_only set to yes or no. If it's set to "yes", then you'd block deletion and modify if it's a direct login (not login-as) The back-end will still do this, but doing it ahead of time in the GUI might avoid confusion. Enhanced is comparing global USERNAME to LOGIN_AS_MASTER_NAME. If they do match, a direct login, thus respect the client_read_only for blocking. ---- T34215 EVO2148

Interested to try DirectAdmin? Get a 30-day Free Trial!