Hi all,
A silly question, I've been trying to get a custom HTTP end-point for a node working -- this has an endpoint which lists what serial ports are available (should be a familiar problem).
My endpoint code looks like this:
RED.httpAdmin.get(
'/wsmodbus/serial/ports',
RED.auth.needsPermission('serial.read'),
function (req, res) {
const fs = require('fs');
const os = require('os');
try {
/*… etc … */
res.json(the_list);
} catch (err) {
res.status(500);
res.json([err.message]);
}
}
);
Now, my settings.js
has this:
adminAuth: {
type: "credentials",
users: [{
username: "admin",
password: "…",
permissions: "*"
}]
},
This is basically what is seen in the documentation.
If I try to hit the endpoint from the UI, I get error 401: Unauthorized
. I would have thought *
meant access all areas. Node-RED begs to differ it would seem.
Elsewhere, I saw this written as an array. This sed
command indeed resolved the 401 error:
sed -ie '/permissions:/ s/"\*"/["*"]/g' config/settings.js
Sadly, JSON won't let me make it both an array and a string simultaneously, I have to choose one or the other. The array form is undocumented, the string form doesn't seem to work as advertised.
Which is it meant to be?