Editing SPF as TXT

As an Admin I can edit SPF as TXT records. I have three buttons at the bottom giving me that option. A client says she only has two buttons with the TXT option missing. The SPF-record box is read-only so this is the only way I can add/edit a SPF record. She cannot.

Have I misconfigured something?

 

IIRC there was an Issue with this in older versions of ISPConfig. You could not edit SPF records that were created by the admin, because it opened the plain TXT record edit form, instead of the SPF record form for the client, but the client does not have access to the plain text editing of SPF records.

What version of ISPConfig are you using?

 

ISPConfig 3.3.0p2. Without checking I don't think the client can edit/create records not edited by me.

 

Can you provide a screenshot or error message of the issue?

 

See below. First is mine, second was sent by my client.

 

Users are not allowed to edit the plain TXT for SPF. They need to use the SPF form.

 

But the SPF record is read-only for both of us so they can't. Which begs the question why would you not want to allow the client to edit the SPF record? Otherwise they have full access to their DNS Zone.

 

They should be able to edit the fields of the form where all the information for the record is set. The plain text is not editable by customers to have a Bit more of a safegaurd.

As an admin you can always edit the plain TXT record, but customers have to use the form.

 

A client cannot edit a SPF record. The SPF record field is read-only and if you try and click on the TXT record it throws you into the non-editable SPF form. So they cannot control their own record. We trust them when the rest of the zone so I don't see rationale.

It's a blocker.

 

I've just tested it as a user.
The form definitely IS NOT read-only.
I edited the SPF record without any problem.

 

firstly, is it really that they can't edit the spf form?
are they trying to type stuff in the greyed out 'spf record' textbox?
that's always uneditable, even by admin. it's just a preview of the record, can they enter anything into any of the other fields?
using the checkboxes and other text fields is how the client alters the existing spf record
they should be able to select/unselect checkboxes and edit the other text fields, even if the record was created by admin, it should only give an error about not having permission when they try saving the edited form.

and a client can freely edit the rest of the zone because most records are simple and can be easily validated, if they enter eg a wrong format for an A record ip they can be told what they've got wrong. for an spf record, it's more complicated, if they can freely edit it they'll end up leaving out the v=spf1, or adding too many ip's, etc and it's more difficult to tell them how they're messing up.
should be the same with SRV records, too many fields need to be in the right format in the right order, giving clients a free text field to enter the target data is just asking for trouble.