luca0N/lanbassador
luca0N/lanbassador
1
1
Fork 0
Code Issues 24 Pull requests 1 Projects 1 Releases 1 Packages Wiki Activity Actions

Add administrator features #72

New issue
Open
opened 2026-05-12 22:27:00 +00:00 by luca0N · 1 comment
luca0N commented 2026-05-12 22:27:00 +00:00
Owner
Copy link

The current database schema allows the assignment of administrative privileges to user accounts. Administrators should have access to administrative tools, which have not been developed yet.

  • Instance overview (list of accounts, uptime, etc.)
  • Creation of user accounts (useful for instances with user registration disabled)
  • Removal of user accounts
  • Assignment of user accounts as administrator

This list should suffice for now. Changing server settings via the web UI is not possible in the current state, as all server settings are stored on disk, and not on the database.

The current database schema allows the assignment of administrative privileges to user accounts. Administrators should have access to administrative tools, which have not been developed yet. - [ ] Instance overview (list of accounts, uptime, etc.) - [ ] Creation of user accounts (useful for instances with user registration disabled) - [ ] Removal of user accounts - [ ] Assignment of user accounts as administrator This list should suffice for now. Changing server settings via the web UI is not possible in the current state, as all server settings are stored on disk, and not on the database.
luca0N added this to the v1.0.0 project 2026-05-12 22:27:00 +00:00
luca0N commented 2026-05-12 22:31:45 +00:00
Author
Owner
Copy link

A feature that allows administrators to give administrator privileges to other user accounts is tricky, since the current account privilege system in Lanbassador is primitive. For instance, a compromised administrator account could remove administrator privileges from another administrator accounts, and wreak havoc on the server.

To counter this, I believe the best solution is to disallow administrator accounts from removing administrator privileges from other accounts or deleting them (and show a warning in the web app about the consequences of giving another user such privileges). Instead, the removal or demoting of administrator accounts should be done from the server via the command line, either as a special command or command line argument to the server, or by invoking a new separate program which does the work. Of course, it would be possible for instance owners to modify everything manually in the database, but this would result in poor UX, plus, the command line solution could be expanded in the future to accommodate new features.

A feature that allows administrators to give administrator privileges to other user accounts is tricky, since the current account privilege system in Lanbassador is primitive. For instance, a compromised administrator account could remove administrator privileges from another administrator accounts, and wreak havoc on the server. To counter this, I believe the best solution is to disallow administrator accounts from removing administrator privileges from other accounts or deleting them (and show a warning in the web app about the consequences of giving another user such privileges). Instead, the removal or demoting of administrator accounts should be done from the server via the command line, either as a special command or command line argument to the server, or by invoking a new separate program which does the work. Of course, it would be possible for instance owners to modify everything manually in the database, but this would result in poor UX, plus, the command line solution could be expanded in the future to accommodate new features.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
dev_server_tests
dev
v0.1.0
Labels
Clear labels   
Compat/Breaking
Breaking change that won't be backward compatible

  
Kind/Bug
Something is not working

  
Kind/Documentation
Documentation changes

  
Kind/Enhancement
Improve existing functionality

  
Kind/Feature
New functionality

  
Kind/Security
This is security issue

  
Kind/Testing
Issue or pull request related to testing

  
Priority
Critical
 The priority is critical

  
Priority
High
 The priority is high

  
Priority
Low
 The priority is low

  
Priority
Medium
 The priority is medium

  
Reviewed
Confirmed
 Issue has been confirmed

  
Reviewed
Duplicate
 This issue or pull request already exists

  
Reviewed
Invalid
 Invalid issue

  
Reviewed
Won't Fix
 This issue won't be fixed

  
Status
Abandoned
 Somebody has started to work on this but abandoned work

  
Status
Blocked
 Something is blocking this issue or pull request

  
Status
Need More Info
 Feedback is required to reproduce issue or to continue work

No labels
Compat/Breaking
Kind/Bug
Kind/Documentation
Kind/Enhancement
Kind/Feature
Kind/Security
Kind/Testing
Priority
Critical
Priority
High
Priority
Low
Priority
Medium
Reviewed
Confirmed
Reviewed
Duplicate
Reviewed
Invalid
Reviewed
Won't Fix
Status
Abandoned
Status
Blocked
Status
Need More Info
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
v1.0.0
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
luca0N/lanbassador#72
No description provided.