Once again, please keep everything in the same thread please...
So your “rules” as you call them are JavaScript code that run manipulations on the messages. Have you thought of a way you can abstract those rules so that only specific variables change, or code is conditionally executed instead? You mention that you don’t want end users to have to dive into the flows and edit specific nodes, but based on this you still want them to write code.
Especially with the “wind farms over MQTT” from the first post this suggests that it’s an industrial project of a kind, a SCADA system potentially. By having your users execute arbitrary JavaScript code through those “rules” you are opening your industrial system to (remote) code execution. In regular situations code execution vulnerabilities are already pretty bad. On an industrial scale however, it’s horrible. I’ll be removing the post with the flow I posted yesterday in a moment so it cannot be utilised for this.
Please specify carefully why you need your rules like this, and why a setup with a user interface where specific parameters are changed won’t work for your situation. And keep in mind that what you might think is the road of least resistance (importing code through API calls/webhook callbacks, then executing those) comes with HUGE security risks, especially on an industrial scale/SCADA systems. Going this route might even cause mire problems on a long term scale.
My suggestion would be to go back to the drawing board and come up with a way where you get the functionality you need, without what you are asking for here. Do not try to import full “rules” as you call them, but work it out more carefully.
