Closed nomis closed 4 years ago
Some notes on user configuration:
DigestPassword
is supposed to be optional but if it's omitted a 2054 (invalid password) response is returnedThe minimum set of realms to login without an HTTP 400 error appears to be 6 (Storage) and 13 (General Information).
This is ok but I was hoping to reduce the amount of requests that are made.
It looks like the user can query their own realms with this access so it could be used to hide things that aren't relevant?
If a user with very limited permissions tries to use the web interface in Firefox, all of the HTTP 400 errors cause the username and password to be forgotten and Firefox prompts for them again. This happens repeatedly.
The web interface needs to only make access requests that the user has permission for. If it's not possible to determine what permissions the user has then each section should only request data when it is selected.