Login Keys error

R

Remitur

Verified User
Joined
May 11, 2018
Messages
69
Location
Sežana (Slovenia)
I created a login key for a certain user, with limited permissions and checking the option "Allows browsing of the DA interface to HTM, IMG and CSS files."

But if I log in using that login key, Im getting an error

OOPS!
Privileges needed to load the skin have not been granted for this account or unexpected issue has happened. Please contact your administrator.

And in the log for this key I can find:

2022-09-21 23:19 111.111.111.111 Valid Login
2022-09-21 23:19 111.111.111.111 Failed The command '/api' is not in the key's allowed list.
2022-09-21 23:19 111.111.111.111 Failed The command '/api' is not in the key's allowed list.
2022-09-21 23:19 111.111.111.111 Failed The command '/api' is not in the key's allowed list.

but I can't find any CMD_API to enable (but instead a huge number of CMD_API_somethingmore ...)

What's the missing permission?
Or what else I'm missing?
 
I did further tests, and I realized that the error ("OOPS! Privileges needed to load the skin have not been granted for this account or unexpected issue has happened. Please contact your administrator.") occurs if ALL_USER is denied.
But if ALL_USER il allowed, the user is allowed to do anything, while I would like to profile his permissions...

(Note: what I would get is a user account able to just manage redirects (/user/redirects), and no other (no FTP, no email, no domain setup, no file manager etc.)

Is it somehow possible?
 
hi @Remitur, Evolution skin works quite differently from the old DA skins. The check-box Allows browsing of the DA interface to HTM, IMG and CSS files. does not have much effect for Evolution because Evolution skin assets are always available and parts of the data are retrieved from API endpoints. Furthermore recent Evolution versions require access to some new API endpoints that are not visible in the login-keys command list.

So right now with DA 1.643 it is not possible to use login-key with Evo access but limited functionality. We will consider your use case (having Evo access but with reduced features) and might bring its support in future versions.
 
fln said:
Furthermore recent Evolution versions require access to some new API endpoints that are not visible in the login-keys command list.
Click to expand...
So, reverting the user to the old skin could be a way to get the result I need (a user able to manage just and only /user/redirects) ?
 
If you want to control what actions user can perform you can use feature sets. The issue here is that we do not support using Login-Key to be used for Evolution with actions restricted by the login-key not they user account config (using keys for API access works fine).

This is not something that was introduced in the last release but have been like that for quite some time. Stay tuned, we will check if we can release an intermediate compatibility mode to make it work for the time being.
 
You must log in or register to reply here.
Back
Top