Note ! This is new version, which is in development branch only, the latest stable version - Webacula 5.0.2
In the new Webacula 5.5 I plan to implement a Bacula ACLs:
- JobACL
- ClientACL
- StorageACL
- PoolACL
- FileSetACL
- CommandACL
- WhereACL
- ScheduleACL not used in Webacula, not implemented
- CatalogACL not used in Webacula, not implemented
Will also restrict access to Webacula menu, i.e. will be implemented Webacula ACLs.
It is planned that each user can have their (separate) console.conf to run Bacula bconsole.
All Webacula tables will be migrate to the Bacula database environment, and will have the prefix "webacula_*" to avoid conflicts with the names of native Bacula tables.
![[Image]](http://4.bp.blogspot.com/_Aw6ARpGHCoU/TMEX6gcdryI/AAAAAAAAAy8/6cm-i4qegus/s1600/webacula_acl.jpg)
Explanations for Figure.
*acl tables:
- Supports inheritance of roles
- If the "name" field contains a string "_LOGIN_" it is replaced by the user "login".
- All actions are prohibited (by default), and allowed only what is expressly permitted. I.e. in other words, if there is no ACL rule, the user has no rights.
- Rules are applied in order "order_acl", until it encounters an allow rule or a list of rules will not end - in this case be denied access.
- In future versions of the "name" field can contain regexp
What has already been implemented:
- Login form to authenticate users, with several unsuccessful attempts to login enabled CAPTCHA
- prototype for Webacula ACLs
- Implemented Bacula PoolACL
- Implemented Bacula StorageACL
First Release Candidate is scheduled around the end of this year.
Is good to see new feature many thanks Yuri
ОтветитьУдалитьgreat
ОтветитьУдалитьgreat
ОтветитьУдалить