search

bugy / script-server

Web UI for your scripts with execution management
Other
1.52k stars 244 forks source link

admin users can't see runners #751

Closed muzzol closed 3 weeks ago

muzzol commented 3 weeks ago

I have a very simple setup with just one explicit operator group, so I'm using only admin_users and operators.

members of @admin can't access any runner unless I specify them in allowed_users.

this is my config:

{
    "port": 5000,
    "address": "0.0.0.0",
    "title": "My Front",
    "auth": {
        "type": "htpasswd",
        "htpasswd_path": "/opt/front-scripts/conf/htpasswd"
      },
    "access": {
        "allowed_users": [ "admin", "@operators"],
        "admin_users": [ "admin", "admin1", "admin2" ],
    "trusted_ips": ["127.0.0.1", "192.168.1.107", "192.168.1.108"],
    "groups": {
        "operators": ["@admin", "operator1"]
      }
    }
}

and this is a test runner:

{
  "name": "TEST",
  "script_path": "/opt/scripts/test.sh",
  "requires_terminal": true,
  "description": "test",
  "allowed_users": ["@operators", "admin1"]
}

If I take out admin1 from runner allowed_users it disappear.

I also tried with:

{
  "name": "TEST",
  "script_path": "/opt/scripts/test.sh",
  "requires_terminal": true,
  "description": "test",
  "allowed_users": ["@operators", "@admin"]
}

but the script is still hidden from any admin user.

my version is v1.18.0

bugy commented 3 weeks ago

Hey, this is expected behavior. The group for admins should be called admin_users, could you try that?

muzzol commented 3 weeks ago

I didn't realize that the name of the group was literally @admin_users

sorry about the confusion.

it works if I add the group to operators like this:

    "groups": {
        "operators": ["@admin_users", "operator1"]
      }

thanks for your time.