Forbid admin to view admin panel

zhijiex

osTicket system allow to create new user whose account type is admin.

But each admin user can view admin panel and update system settings.

Is it possible to allow only super admin to view and update system settings.

Other general admin users can not view admin panel.

thofei

Hi,

very quick hack: Just replace the check, if the user is admin with a check if the username is the one who should be able to access the admin area:

So:

open /include/staff/header.inc.php, search for

if($thisuser->isAdmin() && !defined('ADMINPAGE')) { ?>

and replace that with

if( ($thisuser->getUsername() = "superuseradminname" ) && !defined('ADMINPAGE')) { ?>

Please note, that i haven't tested that, guess it's obvious that you have to replace "superuseradminname" with the login name of the respective person. And i'm pretty sure, there's a more "elegant" solution as well :)

Best

zhijiex

I have added

if( ($thisuser->getUsername() = "superuseradminname" ) && !defined('ADMINPAGE')) { ?>

But staff and admin login and then display empty page. There is an error caused. I do not see where is error information.

thofei

I have added
if( ($thisuser->getUsername() = "superuseradminname" ) && !defined('ADMINPAGE')) { ?>
But staff and admin login and then display empty page. There is an error caused. I do not see where is error information.

have you replaced "superuseradminname" with a real value? For example if your login here is the same as in OsTicket and you should be the superadmin, the line would be

if( ($thisuser->getUsername() = "zhijiex" ) && !defined('ADMINPAGE')) { ?>

Best

zhijiex

I have replaced "superuseradminname" with my real super admin name such as "administrator". It not works.

zhijiex

I want to see any error information. I also set php.ini

display_errors = On

error_reporting = E_ALL & ~E_NOTICE

But nothing displayed in the browser when user login system.

What happened?

thofei

oh sorry, my fault ...

It needs to be "==", not "="

... $thisuser->getUsername() == "superuseradminname" ...

And please note: This is a fast hack and only disables the "admin" link in the top right corner. It is still possible to access the admin area for anyone with admin rights, if they login and then call "admin.php" manually, so you probably need to enter a similiar check in admin.php as well

Best

zhijiex

It works fine now.