AdminAuth Default Group Read Only access

LoranMaes · 6 November 2021 17:47

Hi!
I'm wondering if you can give users (everyone who isn't logged in into admin) permissions to only read the file.
If I follow the Securing Node-RED file I don't get the right thing because the default user group can still make changes, but they can't manage the palette etc.

This is what I have in my settings.js:

adminAuth: {
        type: "credentials",
        users: [
        {
            username: "loran",
            password: "$2b$08$BqucBnG7WuGzs.lhSmmnmeL7X80G4Igin8IvMzZ95qsJ/0aWwdUky",
            permissions: "*"
        }
        ],
            default: {
        permissions: "read"
    }
    },

knolleary · 6 November 2021 19:43

Have you tried deploying any changes as a default user?

read-only permission doesn't stop them from making changes in the editor... they just can't deploy those changes to the runtime.

LoranMaes · 6 November 2021 20:51

Yes, i found that.
Is there an option that they can't make changes in the editor?

hardillb · 6 November 2021 22:19

No, permissions are enforced on deploy

system · 5 January 2022 22:20

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Question About Azure SSO Authentication General security , microsoft-azure	1	142	12 February 2024
adminAuth.users[].*.permissions: array or string? General	3	581	25 June 2020
Read-only user - what is it? Core Development	4	351	26 February 2023
How can I set up open dashboard access, but have user/pass on editor? Dashboard	6	573	3 November 2020
Enable Dashboard Access but deny flow adaptions Dashboard	5	677	16 November 2021

AdminAuth Default Group Read Only access

Related topics