What are the available node-RED permissions

Are * and read the only available permissions when setting scope.?

Yes - we have the groundwork for supporting finer-grained permissions, but it isn't something we've formally supported.

1 Like

Will Node-RED in the future allow to have an editor configurations for each user?

Some settings are already remembered per-user. Anything you set in the settings dialog in the editor will be saved for the user.

Are there particular additional settings you have in mind?

Well, one user is the administrator and has access to everything. Another user only has the right to modify the flows (no palette manager).

I admit that I have no further idea on this subject.
I try to see it as a team, one of the members is in charge and the others have more or less restrictions.

Ah, I understand what you mean.

To expand on my original reply, we do have finer grained permissions in runtime API - so it is theoretically possible to give a user write access to the flows, but not write access to the nodes. But not sure it's fully validated.

But more importantly, the editor doesn't reflect those permissions well - it lets you try to do anything and reports back if it fails. Whereas it would be better to stop you trying to do something you aren't allowed to do.

Thanks, can be a topic of discussion for FlowFuse.

That would be sad. It would be helpful to many Node-RED users, not just FlowFuse users.

I know that I tried to add some finer control to the uibuilder Editor features in earlier days and it didn't work at the time, certainly would be nice to have some more authorisation control.

And it isn't at all suggested that anything in this area would be FF specific.

It may be that FF is able to provide a simple way to make use of any Node-RED capability, but any ability to have finer-grained permissions would be an entirely core Node-RED feature available to all.

1 Like