when logged in with users an error occurs in vis-2

[gokturk413]

No existing issues.

• [X] There is no existing issue for my problem.

Describe the bug

when logging in with users other than the administrator an error occurs in vis-2

To Reproduce

1

Expected behavior

i want to login with other user from, not only with administrator

Screenshots & Logfiles

Adapter version

v2.9.5

js-controller version

5.0.16

Node version

18.19.0

Operating system

windows11 23h2

Additional context

No response

[foxriver76]

Hm which error occurs? You mean the Index.html not found?

Please show the log from the browser console when this problem occurs. And please show the permissions of the group the user is in.

[gokturk413]

for example Operator group permission images i send

[foxriver76]

Looks good basically, but 404 should not really be related to some permission error. So if you are logging in as admin the error does not appear? Can you try iob u vis-2 on command line and then try again.

[gokturk413]

Administrator group works very well. İ check your help. But upload did not take any effect. I cannot access with user groups accounts.

[foxriver76]

Which version of web adapter is installed? It has to do something with web adapter, as this returns 404 in these scenarios.

[gokturk413]

my iobroker web adapter version is 6.1.10

[foxriver76]

Hm okay, this seems valid. If you give the group all permissions, does it work then?

[gokturk413]

i give all permission to any group but it does not work also

[fjbay]

I've had the same issue and tracked this down to the file permission of the vis folders. Per default, read/write permissions for files like index.html are only given for the user and group that owns the file/folder, which usually is admin/administrator. Any other user who's not part of the administrator group may have file read permissions in inbroker generally, but not specifically for the files you want to access when using the vis/web.0.

I worked around the issue by creating yet another group, changed the vis folders file ownership group to this new group and added all admin and vis users to the new user group. Now access is working properly.

What is the influence of the permissions settings for each group: If you don't set file permissions in any of the groups your user is part of, than you can't access the vis as well, even though the file permissions would allow it.

This way you could also specifically restrict access to the editor page to a certain group, by setting the file ownership and permissions accordingly for edit.html.

One thing that doesn't yet work for me is the per-page/per-widget visibility for certain user groups. The former seems to be just ignored, while trying to set the latter results into me being redirected to blank page directly from the editor.

Another thing: Editing the file permission via the admin adapter file browser (expert view) doesn't work to reliable for me. I did change the _data.json files manually (search and replace groups) and then did run an iobroker restart.

[gokturk413]

it did not change. The problem still exists

[AIXruth]

Hi I encountered the same issue and found two workarounds:

a) first login as admin. This somehow initialises the environment, so that a login with a simple user works till the next restart or timeout of a certain component (iobroker, web-instance or similar). I am a bit astonished, that this workaround solves the issue too. This looks like a bug in the web instance. Anyway this is just a workaround, where admin access would be required before a user logs in.

b) If you list the files of vis-2, you will see, that all files have no permissions for "others" yet. The following one-liner set all permissions to 664 for all the vis-2 files. I assume there are no secret files, which a simple user may not read. for i in $(iobroker list files vis-2 | awk '/vis-2/ {print $7}') ; do if [ -n $i ] ; then iobroker chmod 664 $i ; fi ; done Unfortunately the loop takes very long and set ALL files to 664. 644 might be not always correct. Unfortunately I haven't found a command to do a 'chmod +R o+r vis-2/', which would be the better solution.

My suggestion to solve this issue quick and easy: Please grant read permissions to all user related files and pack them (via npm?) accordingly.