Role required to enable mailbox creation
-
wrote on Apr 1, 2021, 10:18 AM last edited by girish Apr 1, 2021, 10:07 PM
Hi, I setup a system, created a local admin account with User Manager role in it (https://docs.cloudron.io/user-management/#user-manager), but he has no access to create mailboxes for the user - is there any way to enable that feature, without giving Admin permissions?
And just in case, as it's not quite clear in official documentation: e-mail mailboxes are backed up and will be restored in case of the disaster recovery, is that a correct assumption?
-
First for the backup, all mailboxes are part of the backup and thus can be restored. They are part of the platform backup or in Cloudron terms "box" backups.
For the role, there is currently no specific email role and the user manager role also does not apply here. So far we haven't seen much requests regarding those roles, so there is a lot to be improved I think. Also while reading your question, it may actually make a lot of sense to allow the usermanager role to also manage mail related things. Not sure yet, feedback welcome.
To answer your immediate question, the only way to do this is to grant admin rights for this user at the moment.
-
First for the backup, all mailboxes are part of the backup and thus can be restored. They are part of the platform backup or in Cloudron terms "box" backups.
For the role, there is currently no specific email role and the user manager role also does not apply here. So far we haven't seen much requests regarding those roles, so there is a lot to be improved I think. Also while reading your question, it may actually make a lot of sense to allow the usermanager role to also manage mail related things. Not sure yet, feedback welcome.
To answer your immediate question, the only way to do this is to grant admin rights for this user at the moment.
wrote on Apr 13, 2021, 1:27 PM last edited by@nebulon thank you! It makes sense for me as well (usermanager role to manage user related things in overall).
That let separate things quite nicely and install Cloudron in more complex environments.
Hope you will make it sooner, rather than later - I'm looking forward to it!
-
First for the backup, all mailboxes are part of the backup and thus can be restored. They are part of the platform backup or in Cloudron terms "box" backups.
For the role, there is currently no specific email role and the user manager role also does not apply here. So far we haven't seen much requests regarding those roles, so there is a lot to be improved I think. Also while reading your question, it may actually make a lot of sense to allow the usermanager role to also manage mail related things. Not sure yet, feedback welcome.
To answer your immediate question, the only way to do this is to grant admin rights for this user at the moment.
wrote on Apr 26, 2021, 11:53 AM last edited by@nebulon any updates?
-
@nebulon thank you! It makes sense for me as well (usermanager role to manage user related things in overall).
That let separate things quite nicely and install Cloudron in more complex environments.
Hope you will make it sooner, rather than later - I'm looking forward to it!
wrote on Apr 30, 2021, 1:23 PM last edited by@girish probably you can assist?
-
@girish probably you can assist?
@potemkin_ai at the moment this is not on our immediate list for the next release. It needs further investigation what the side-effects are.
-
@potemkin_ai at the moment this is not on our immediate list for the next release. It needs further investigation what the side-effects are.
wrote on May 5, 2021, 2:12 PM last edited by@nebulon got it, thank you!
-
First for the backup, all mailboxes are part of the backup and thus can be restored. They are part of the platform backup or in Cloudron terms "box" backups.
For the role, there is currently no specific email role and the user manager role also does not apply here. So far we haven't seen much requests regarding those roles, so there is a lot to be improved I think. Also while reading your question, it may actually make a lot of sense to allow the usermanager role to also manage mail related things. Not sure yet, feedback welcome.
To answer your immediate question, the only way to do this is to grant admin rights for this user at the moment.
wrote on Jun 19, 2021, 4:14 PM last edited by@nebulon said in Role required to enable mailbox creation:
it may actually make a lot of sense to allow the usermanager role to also manage mail related things. Not sure yet, feedback welcome.
Yes, I think User Managers should be able to create email accounts too, given that in many cases a new user will also need a mailbox.
-
@nebulon said in Role required to enable mailbox creation:
it may actually make a lot of sense to allow the usermanager role to also manage mail related things. Not sure yet, feedback welcome.
Yes, I think User Managers should be able to create email accounts too, given that in many cases a new user will also need a mailbox.
wrote on Jun 20, 2021, 3:57 PM last edited by@jdaviescoates said in Role required to enable mailbox creation:
@nebulon said in Role required to enable mailbox creation:
it may actually make a lot of sense to allow the usermanager role to also manage mail related things. Not sure yet, feedback welcome.
Yes, I think User Managers should be able to create email accounts too, given that in many cases a new user will also need a mailbox.
And I can only agree with that guys.
-
@potemkin_ai at the moment this is not on our immediate list for the next release. It needs further investigation what the side-effects are.
wrote on Oct 7, 2021, 10:11 AM last edited by@nebulon is there any updates on this?
-
@nebulon is there any updates on this?
@potemkin_ai Can you tell your use case a bit more? Would this have to be at a domain level? Or server/cloudron level? Can a user add mailboxes for other users or just himself?
-
@potemkin_ai Can you tell your use case a bit more? Would this have to be at a domain level? Or server/cloudron level? Can a user add mailboxes for other users or just himself?
wrote on Oct 7, 2021, 4:18 PM last edited by@girish sure - the idea is to separate system administrator from mail & users administrator.
In my particular case I'm taking care of the OS & system things and don't touch or care about user's account and mailboxes; my partner doesn't want to care about how things works, he cares about users accounts and mailboxes.
Hope that makes sense!
-
@girish sure - the idea is to separate system administrator from mail & users administrator.
In my particular case I'm taking care of the OS & system things and don't touch or care about user's account and mailboxes; my partner doesn't want to care about how things works, he cares about users accounts and mailboxes.
Hope that makes sense!
@potemkin_ai I see, so you don't want your partner to be an admin either i.e cannot configure/install apps ? And neither can they start/stop mail server or configure the mail server settings. Just add mailboxes/lists/aliases ?
(Just trying to think what this means code wise internally. A person who can just add mailboxes still has to be able to list domains, for example).
-
@potemkin_ai I see, so you don't want your partner to be an admin either i.e cannot configure/install apps ? And neither can they start/stop mail server or configure the mail server settings. Just add mailboxes/lists/aliases ?
(Just trying to think what this means code wise internally. A person who can just add mailboxes still has to be able to list domains, for example).
-
@girish what I would want is something like a domain-administrator, who can add users/email and apps (or maybe with the option not to install apps) for one or more domains, so they can't interfere with admins from other domains
@msbt yeah, that would promote shared hosting style setups. Internally, Cloudron is designed for single tenant setups. For example, one has to be careful to not "leak" domains/users/apps/settings to other tenants. People will then want to brand each tenant landing page separately, have settings per tenant and so on. Not sure we want to go into that direction yet.
-
@msbt yeah, that would promote shared hosting style setups. Internally, Cloudron is designed for single tenant setups. For example, one has to be careful to not "leak" domains/users/apps/settings to other tenants. People will then want to brand each tenant landing page separately, have settings per tenant and so on. Not sure we want to go into that direction yet.
-
M murgero referenced this topic on Oct 7, 2021, 8:29 PM
-
@msbt yeah, that would promote shared hosting style setups. Internally, Cloudron is designed for single tenant setups. For example, one has to be careful to not "leak" domains/users/apps/settings to other tenants. People will then want to brand each tenant landing page separately, have settings per tenant and so on. Not sure we want to go into that direction yet.
wrote on Oct 11, 2021, 5:23 PM last edited by@girish what about just a normal organization level rights separation?
I mean - it's really two different set of roles:- 1st line support, dealing with mailboxes
- 2nd or 3rd, making sure the system and services are up and running.
I don't need hiding anything, I just want to ensure my users can manage they mailboxes and users for they own.
For now I have to temporary give admin permissions to the 1st line and that's kind of risky...