Hostgroup Authorization Change

[Rob Nelson]

>Current State:
>
>If a user has rights to view at least one host (but not all)
>in a particular hostgroup, they are able to see the hostgroup in the
>CGIs.  However, the hosts that the are listed in the hostgroup are
>only the ones they have access to.  I don't think its desirable to
>show a "clipped" version of a hostgroup like this, as its a bit
>deceiving.
>
>
>Proposed Change:
>
>In order to view a specific hostgroup (or commit commands for a it)
>user would have to have rights to view *all* hosts in that hostgroup.

IMO this would be better solved if there was a read and a write access, if 
you had write access to some hosts in a group you could also have read 
access. This way the hostgroup wouldn't be clipped, necessarily, the person 
just wouldn't be able to view anything more than "OK, Warn, Crit" for a 
host. If they didn't have read access, then it would be clipped.

Personally, I like the current state. We outsource our tech support and I 
want them to see what's happening at each site as it affects the clients. I 
don't necessarily want or need them to see the state of SSH on our internal 
VPN or the memory usage of a server.


Rob Nelson
Network Administrator, Capitol Broadband
C: 919-369-1874
rob at capband.net 



-------------------------------------------------------
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01