mirror of
https://github.com/inventree/InvenTree.git
synced 2026-04-02 09:31:02 +00:00
docs: add more details around staff / superuser roles and their dangers (#11658)
@@ -16,7 +16,7 @@ Deploying InvenTree to production requires to knowledge of the security assumpti
2. All users are trusted - therefore user uploaded files can be assumed to be safe. There are basic checks in place to ensure that the files are not using common attack vectors but those are not exhaustive.
3. Superuser permissions are only given to trusted users and not used for daily operations. A superuser account can manipulate or extract all files on the server that the InvenTree server process have access to.
3. Superuser or staff permissions are only given to trusted users and not used for daily operations. A superuser account can manipulate or extract all files on the server that the InvenTree server process have access to. See [dangerous user flags](../settings/permissions.md#dangerous-user-flags) for more details on user permissions and flags.
4. All templates and plugins are trusted.
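Review bot: the rewritten assumption 3 carries over the pre-existing agreement error "that the InvenTree server process have access to"; since the line is being edited anyway, change "have" to "has". The new cross-reference `../settings/permissions.md#dangerous-user-flags` depends on the anchor that the "## Dangerous User Flags" heading in the second hunk produces, so check the rendered docs site generates exactly that slug, otherwise the link lands on the top of the permissions page. Minor: the sentence now says superuser *or staff* permissions must only go to trusted users, but the following sentence still describes only what a superuser account can do; a short clause on what a staff account can reach (the admin interface and parsable server files, per the second hunk) would keep the two halves consistent.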
@@ -50,6 +50,17 @@ Within each role, there are four levels of available permissions:
| **Add** | The *add* permission allows the user to add / create database records associated with the particular role |
| **Delete** | The *delete* permission allows the user to delete / remove database records associated with the particular role |
## Dangerous User Flags
In addition to the above permissions, there are two special flags that can be assigned to a user:
- **Staff** - A user with the *staff* flag is able to access the admin interface, and can trigger dangerous actions that might have a security impact such as changing parsable files on the server (templates / reports / plugins). Some of these actions require the *admin* role to be assigned as well.
- **Superuser** - A user with the *superuser* flag is able to access and change all data and functions of InvenTree. A superuser can modify and access all data that the InvenTree installation / server has access to - including shell access on the server OS itself. This is a very powerful flag, and should be used with caution.
It is strongly recommended to register any users with staff / superuser flags with strong MFA methods to reduce the risk of unauthorized access. These accounts should be used with caution, and should not be used for day-to-day operations.
Practicing account tiering is strongly recommended.
## Admin Interface Permissions
If a user does not have the required permissions to perform a certain action in the admin interface, those options not be displayed.
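Review bot: "Practicing account tiering is strongly recommended." is added as a bare sentence with no explanation of what the reader should actually do; spell it out in one line, for example that staff / superuser flags belong on a separate account used only for administration, while a regular account without those flags is used for day-to-day work. In the **Superuser** bullet, "including shell access on the server OS itself" reads as if InvenTree exposes a shell; the preceding hunk phrases the same risk more precisely (access to everything the server process can reach), so consider wording it as the ability to run code with the privileges of the InvenTree server process via the parsable files mentioned in the **Staff** bullet. The **Staff** bullet says some actions also require "the *admin* role"; make sure that name matches the role table earlier on this page. Unrelated but in the trailing context: "those options not be displayed" is missing "will".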