as far as i know currently we have * and read permissions.
I would like to keep my flows read only on the remote server, but still allow admin users to be able to "inject" or "debug". is this even possible?
best regards,
Do you mean you want them to be able to add inject and debug nodes without having write access to the flows file?
1 Like
I assume its more the ability to click the inject button, rather than add new nodes to the configuration.
@aderici, a user can have multiple permissions. To give someone read-only access, but allow them to click the inject button, you can set their permissions to:
permissions: ["read","inject.write"]
2 Likes
Thank you Nick, that piece of information really solved my problem.
Is there a long list of permissions i can chose from? Or does it work like "node-red-contrib-some-custom-node.write"
I'm thinking about debug, but i believe it is not an easy task. I have seen generic debuggers that add itself to the panel i will check them for debugging purposes,
I don't have a list of the individual permissions - I had to double check the source code. I will see if I can pull out a list and put it somewhere useful.
The pattern will be "XYZ.read" and "XYZ.write" - its just a case of figuring out what values of XYZ are available 
To use the Debug toggle button , you need "debug.write" permission. Just remember that it requires a deploy of the flows to save changes to the debug node state. So whilst they will be able to toggle its state, if Node-RED restarts, it will revert back to whatever it was original set to.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.
