Domoticz

luberth wrote: ↑Sunday 25 November 2018 20:30 if a user looks at json data he can see the superuser readable name and coded password

luberth wrote: ↑Monday 26 November 2018 8:12 Hello

Is empty no text
Setup=>Settings
local_networks.png

point is cq how i look at it
i am sharing my floorplan for others to see
.......... would be nice for inspiration iff more people do
they can only watch
when they click a switch they get => you do not have permission to do that

but if someone with more knowledge as me
and knowing above user view only login
views the json
he or maybe even she can see superuser username in plain text
and coded password
i think there would be guys or even girls knowing how to uncode that password
and in they are
in my opinion the viewonlyuser should not see the superuser info in json with his rights

i watch a particular json(do not go into detail here,advanced domoticz json users will know wich one) with an online viewer
http://jsonviewer.stack.hu/
so its got nothing to do with local adres viewing

setup=>more options =>edit users
add an [ ]option jsonview allowed ?????
This makes vieweronly user test password test http://test:[email protected]:8080/#/Floorplans
but this user should not be allowed to see almost all superuser info in json
domoticz_user.png