Work at SourceForge, help us to make it a better place! We have an immediate need for a Support Technician in our San Francisco or Denver office.


#2 Role Based Access Control


It would be extremely useful to be able to add users to a groups, and then control what devices that group is able to view / alter through port control and device control. Personally, specifying devices by subnets would be most useful, and each user being able to exist within multiple groups.


  • Oliver Gorwits
    Oliver Gorwits

    Ticket moved from /p/netdisco/feature-requests/107/

    Can't be converted:

    • _milestone:
    • _priority: 5
  • Oliver Gorwits
    Oliver Gorwits

    • labels: Front-End Enhancements --> Web, Wishlist
    • Milestone: -->
  • Oliver Gorwits
    Oliver Gorwits

    • Status: open --> new
  • Oliver Gorwits
    Oliver Gorwits

    Restrict by:

    • Subnet
    • Device
    • Individual Port Control actions
  • Eric A. Miller
    Eric A. Miller

    I like the concept of a "Domain" and "Groups" with the domain being an arbitrary identifier not tied to IP addressing or anything device specific. For example "Domain 1" or "Domain 2". While I believe the group should be based upon something network specific such as prefix / subnet. I also think groups should support nesting or sub-groups based upon their identifier, for example subnet is part of the larger subnet Role based access ideally would apply to both Domains and Groups first checking the Domain then the most specific group.

    Supporting Domains would allow for overlapping address space. Groups would enable segregation within Domains.

    However, even with both Domains and Groups I believe multi-tenant installs should use a separate database per tenant to ensure data separation.