Rights needed for update uservariables

pigloox · Post by **pigloox** » Saturday 06 January 2018 18:29

Hi,

I need to update a uservariable via the Json API for a user who has limited rights. How can I do that?

During my tests, I could do it only with a user with "admin" rights is this normal?

pigloox · Post by **pigloox** » Thursday 11 January 2018 11:31

no one knows how to update a variable without having the full rights ?

pigloox · Post by **pigloox** » Saturday 20 April 2019 13:33

Hello,

After more than a year with this problem, I would have liked to know if it had been considered a feature to update a variable via json for a non-admin user?

Thx

waaren · Post by **waaren** » Saturday 20 April 2019 14:26

pigloox wrote: ↑Saturday 20 April 2019 13:33 After more than a year with this problem, I would have liked to know if it had been considered a feature to update a variable via json for a non-admin user?

Looking at the source code (WebServer.cpp line 1922-)

Code: Select all

		void CWebServer::Cmd_UpdateUserVariable(WebEmSession & session, const request& req, Json::Value &root)
		{
			if (session.rights != 2)
			{
				session.reply_status = reply::forbidden;
				return; //Only admin user allowed
			}

So yes it is by design; but if you define the IP address of the caller in [setup] [settings] [system] Local Networks (no username/password):
you can update the uservariable.

Rights needed for update uservariables

Rights needed for update uservariables

Re: Rights needed for update uservariables

Re: Rights needed for update uservariables

Re: Rights needed for update uservariables

Who is online